www.thestar.com Open in urlscan Pro
108.138.17.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On September 04 via api (September 4th 2022, 11:48:24 am UTC) from SG — Scanned from DE

Summary HTTP 413 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 84 IPs in 12 countries across 70 domains to perform 413 HTTP transactions. The main IP is 108.138.17.25, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 120536.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.138.17.107 108.138.17.107	16509 (AMAZON-02) (AMAZON-02)
1 54	108.138.17.25 108.138.17.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
3	13.32.121.97 13.32.121.97	16509 (AMAZON-02) (AMAZON-02)
11	18.66.112.94 18.66.112.94	16509 (AMAZON-02) (AMAZON-02)
1 9	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2.21.185.146 2.21.185.146	16625 (AKAMAI-AS) (AKAMAI-AS)
22	18.66.147.50 18.66.147.50	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	52.54.133.158 52.54.133.158	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.198.15 150.136.198.15	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	52.84.106.80 52.84.106.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	108.138.2.89 108.138.2.89	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
3 4	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
7	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.138.7.116 108.138.7.116	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	13.32.118.153 13.32.118.153	16509 (AMAZON-02) (AMAZON-02)
1	52.222.250.115 52.222.250.115	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
30	2a02:26f0:f70... 2a02:26f0:f700:4::212:4f1d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:49::44 2620:1ec:49::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
21	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.212.208.199 52.212.208.199	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
12	34.251.87.173 34.251.87.173	16509 (AMAZON-02) (AMAZON-02)
4	2a03:b0c0:3:f... 2a03:b0c0:3:f0::1bc:5000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	52.213.150.8 52.213.150.8	16509 (AMAZON-02) (AMAZON-02)
11	2a02:26f0:f70... 2a02:26f0:f700:4::212:4f23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
44	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	34.250.104.41 34.250.104.41	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	54.154.221.23 54.154.221.23	16509 (AMAZON-02) (AMAZON-02)
30	2a02:26f0:f70... 2a02:26f0:f700:4::212:4f10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:27::... 2620:1ec:27::cafe:1834	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.120.43.214 3.120.43.214	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.173.142 52.59.173.142	16509 (AMAZON-02) (AMAZON-02)
1	18.196.120.249 18.196.120.249	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	52.59.78.133 52.59.78.133	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	2.21.184.200 2.21.184.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
5	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 2	18.203.72.119 18.203.72.119	16509 (AMAZON-02) (AMAZON-02)
1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	54.155.183.30 54.155.183.30	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 2	54.229.65.185 54.229.65.185	() ()
2 2	13.248.245.213 13.248.245.213	() ()
1	69.173.144.138 69.173.144.138	() ()
413	84

1 108.138.17.107 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-107.fra56.r.cloudfront.net

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 108.138.17.25 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-25.fra56.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-97.fra60.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.112.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-94.fra56.r.cloudfront.net

e377.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.21.185.146 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-146.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 18.66.147.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-50.fra60.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.133.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-133-158.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.198.15 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.106.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-80.bud50.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:890 (United States)

ASN13335 (CLOUDFLARENET, US)

static.app.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.2.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-89.fra56.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.46 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-116.fra56.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-153.fra60.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-115.fra60.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:f700:4::212:4f1d (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:49::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.208.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-208-199.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.251.87.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:b0c0:3:f0::1bc:5000 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

events.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.150.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:f700:4::212:4f23 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.104.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.221.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-221-23.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:f700:4::212:4f10 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5baa (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1834 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.43.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-43-214.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.173.142 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-173-142.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.120.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-120-249.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.78.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-78-133.eu-central-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.25 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.205.243 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.94.171.213 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.72.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-72-119.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.183.30 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-183-30.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.65.185 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	thestar.com 2 redirects thestar.com — Cisco Umbrella Rank: 71068 www.thestar.com — Cisco Umbrella Rank: 120536 e377.thestar.com — Cisco Umbrella Rank: 218380 images.thestar.com — Cisco Umbrella Rank: 97924 resources.thestar.com — Cisco Umbrella Rank: 162005 misc.thestar.com — Cisco Umbrella Rank: 726266 s.thestar.com — Cisco Umbrella Rank: 216929	2 MB
71	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 64624 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 125097 img.sportradar.com — Cisco Umbrella Rank: 80440	1 MB
43	googlesyndication.com 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 pagead2.googlesyndication.com — Cisco Umbrella Rank: 112	683 KB
26	google.com 4 redirects news.google.com — Cisco Umbrella Rank: 5310 region1.analytics.google.com — Cisco Umbrella Rank: 6141 play.google.com — Cisco Umbrella Rank: 32 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	70 KB
22	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9927 query.petametrics.com — Cisco Umbrella Rank: 10950	70 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	208 KB
15	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 23134 elb.the-ozone-project.com — Cisco Umbrella Rank: 9278	90 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 448 image6.pubmatic.com — Cisco Umbrella Rank: 606 image2.pubmatic.com — Cisco Umbrella Rank: 859 simage2.pubmatic.com — Cisco Umbrella Rank: 677 image4.pubmatic.com — Cisco Umbrella Rank: 845 simage4.pubmatic.com	25 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	218 KB
9	moatads.com sejs.moatads.com — Cisco Umbrella Rank: 6454 z.moatads.com — Cisco Umbrella Rank: 396 mb.moatads.com — Cisco Umbrella Rank: 652 px.moatads.com — Cisco Umbrella Rank: 459	149 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	200 KB
7	permutive.com api.permutive.com — Cisco Umbrella Rank: 1975	940 B
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 44575	26 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5323	112 KB
5	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 614 cm.adform.net — Cisco Umbrella Rank: 1538	2 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 527 c.clarity.ms — Cisco Umbrella Rank: 955 e.clarity.ms — Cisco Umbrella Rank: 5352	26 KB
4	onaudience.com 4 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3345	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 370 www.linkedin.com — Cisco Umbrella Rank: 586 px4.ads.linkedin.com — Cisco Umbrella Rank: 6068	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 354 c.bing.com — Cisco Umbrella Rank: 213	13 KB
4	kumulos.com events.kumulos.com — Cisco Umbrella Rank: 105013
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	46 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 225	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	267 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 202 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 187675	5 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6487 adservice.google.de — Cisco Umbrella Rank: 9270	1 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 792	408 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	ontario.ca data.ontario.ca — Cisco Umbrella Rank: 616351	180 KB
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
2	3lift.com 2 redirects eb2.3lift.com	798 B
2	avct.cloud 2 redirects ads.avct.cloud	996 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 501	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 721	668 B
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 27073	2 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 452	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4705	558 B
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 18472	681 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1312	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 336	529 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2861 p1.parsely.com — Cisco Umbrella Rank: 2210	26 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	72 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 262491	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 611	30 KB
2	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 700 analytics.twitter.com — Cisco Umbrella Rank: 529	749 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 417	536 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 849	610 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 924	344 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 696	363 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 619	277 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1493	350 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 540	35 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1706	360 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1784	357 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1526	157 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 754	3 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1410	8 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	23 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 967	517 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 154	27 KB
1	t.co t.co — Cisco Umbrella Rank: 499	336 B
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 59196	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 229890	394 B
1	app.delivery static.app.delivery — Cisco Umbrella Rank: 213711	32 KB
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 198844	490 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 191543	129 KB
0	districtm.io Failed dmx.districtm.io Failed
413	70

	Domain	Requested by
54	www.thestar.com	1 redirects www.thestar.com
34	tpc.googlesyndication.com	www.thestar.com securepubads.g.doubleclick.net 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.ampproject.org
30	img.sportradar.com	www.thestar.com
30	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
22	images.thestar.com	www.thestar.com
21	query.petametrics.com	www.thestar.com
12	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com
11	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
11	e377.thestar.com	www.thestar.com e377.thestar.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	news.google.com	1 redirects www.thestar.com news.google.com www.gstatic.com
7	pagead2.googlesyndication.com	tpc.googlesyndication.com securepubads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
7	www.google.com	3 redirects www.thestar.com 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com tpc.googlesyndication.com
7	play.google.com	www.gstatic.com
7	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thestar.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	image2.pubmatic.com	ads.pubmatic.com
5	px.moatads.com	www.thestar.com
4	pixel.onaudience.com	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	googleads.g.doubleclick.net	www.thestar.com 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
4	events.kumulos.com	static.app.delivery
4	www.gstatic.com	news.google.com www.gstatic.com
4	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
4	ib.adnxs.com	3 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
3	cm.g.doubleclick.net	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	news.google.com fonts.googleapis.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	unpkg.com	2 redirects www.thestar.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	data.ontario.ca	misc.thestar.com
3	resources.thestar.com	www.thestar.com resources.thestar.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
3	fonts.googleapis.com	www.thestar.com misc.thestar.com client
2	eb2.3lift.com	2 redirects
2	ads.avct.cloud	2 redirects
2	match.prod.bidr.io	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	loada.exelator.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	ad2.360yield.com	2 redirects
2	x.bidswitch.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	match.adsrvr.org	ads.pubmatic.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.de	www.thestar.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagservices.com	www.thestar.com 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
2	sb.scorecardresearch.com	www.thestar.com
2	misc.thestar.com	www.thestar.com misc.thestar.com
2	z.moatads.com	www.thestar.com sejs.moatads.com
2	torstar.blueconic.net	e377.thestar.com
2	static.ads-twitter.com	www.thestar.com www.googletagmanager.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pixel.rubiconproject.com
1	cm.adform.net	1 redirects
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	ps.eyeota.net	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ap.lijit.com
1	rtb.openx.net
1	match.sharethrough.com
1	crb.kargo.com
1	ssbsync-global.smartadserver.com	1 redirects
1	e.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	alb.reddit.com
1	ad.doubleclick.net	www.thestar.com
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	cm.everesttech.net	1 redirects
1	s.thestar.com	resources.thestar.com
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	p1.parsely.com	www.thestar.com
1	mb.moatads.com	sejs.moatads.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	connect.facebook.net	www.thestar.com
1	analytics.twitter.com	www.thestar.com
1	t.co	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	static.app.delivery	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
1	thestar.com	1 redirects
0	dmx.districtm.io Failed
413	112

This site contains links to these domains. Also see Links.

Domain
pubads.g.doubleclick.net
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-09-20` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.the-ozone-project.com Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
bc.niagarafallsreview.ca Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.prmutv.co R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2022-03-17` - `2023-03-17`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-09-11`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn.liftigniter.com R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2021-10-01` - `2022-10-18`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.liftigniter.com R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2021-11-16` - `2022-12-18`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.ozpr.net Amazon	`2022-05-08` - `2023-06-06`	a year	crt.sh
*.kumulos.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-03` - `2023-06-02`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
fn.sportradar.com R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
img.sportradar.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: A04FB466192CE5B4272ECEE4C8A6E083
Requests: 288 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Frame ID: 60C16F93AF75683FA8218A1DEDE2EDE5
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com
Frame ID: 36A2BAAA3A55F254838855CEA550B064
Requests: 13 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: C4B19B9A1769F10BA6F181933806EF85
Requests: 1 HTTP requests in this frame

Frame: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA0D4D523D8508B893E534B8BFB86FFD
Requests: 1 HTTP requests in this frame

Frame: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66D7464379582F8FC5E08ABD4BA202CF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 4B854BCBB37793121593E58012D2245B
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 47F8CC49E9FDC91710237404A760F69E
Requests: 15 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: D64FED929E1DB6788328E3C29CF8FBCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
Frame ID: 0235AFF4C32F8A13B311F47A03622547
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67E7E20A8F6CF5C51B0D2E773B9A2D2A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFE6AE3410BBEABA80312FAF7DA2D881
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E8F60E8384B79B9E3562FF783B55D82
Requests: 2 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=dbe6307f-f3e8-4ae7-86a4-34341647eac3&publisherId=TKN100000001&siteId=4204204311&cb=1662292096870&bidder=ozone
Frame ID: 1161F03434469D46D6A3E926F5963D91
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 17250F43A2E64BD6071A207DEBF5D134
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B
Frame ID: F1B8263AF17767A5C6C7207077A8BD0F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=79769047038600253
Frame ID: 2B030B53C4EA3D6C765C9C3857742DA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b6d06314-9086-4100-88d0-6dca3a0ab3e3&gdpr=0&gdpr_consent=
Frame ID: 114D18CE96CE63F1AF6C238952D5721D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 01D8F14630718FBE703339895EA839C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thestar.com | The Star | Canada's largest daily

Page URL History Show full URLs

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

413
Requests

93 %
HTTPS

33 %
IPv6

70
Domains

112
Subdomains

84
IPs

12
Countries

6399 kB
Transfer

23202 kB
Size

103
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5985467267&iu=/58580620
Title: Sports Betting

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 79

https://news.google.com/swg/_/ui/v1/serviceiframe?_=461747&publicationId=thestar.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com

Request Chain 100

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.0.1 HTTP 302
https://unpkg.com/web-vitals@3.0.1/dist/web-vitals.umd.cjs

Request Chain 273

https://cm.everesttech.net/cm/dd?d_uuid=07364879597786424092184627093328757795 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxSQgQAAAL2ITANx

Request Chain 312

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 313

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 342

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 364

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1662292098512%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQLfhWAyVFcqXgAAAYMIVH837ytXrWx73pjvfJNR1fC2p5V88oBRDdTYqCFwE3w4uSvztX9phwxwzn4C7mDGB6ZKG48PUA

Request Chain 371

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=08E7966D7BD34F2F9E700EB9982267F8&RedC=c.clarity.ms&MXFR=045BBC2C4BB56C6E16BCAE394FB5623D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=08E7966D7BD34F2F9E700EB9982267F8&MUID=07084A94B5B06BF41F8A5881B43B6A0B

Request Chain 377

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2206665441545970819

Request Chain 378

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYxSQhCq01BaeIKRGhdnWdgAA%265177

Request Chain 380

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae31332d-abc3-4d5f-8519-807a1b92dd47

Request Chain 385

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=9cb3f82a-52fb-41d8-9ffd-1df22811f4d3

Request Chain 390

https://c1.adform.net/serving/cookie/match?party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B

Request Chain 391

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=79769047038600253

Request Chain 392

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b6d06314-9086-4100-88d0-6dca3a0ab3e3&gdpr=0&gdpr_consent=

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kpZOXYDQTza-UDhNVNqLCw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 395

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=08e06314-9086-4200-87f5-140c36ce2fe3

Request Chain 396

https://pixel.onaudience.com/?partner=214&mapped=92964E5D-80D0-4F36-BE50-384D54DA8B0B HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=33bc7a0973d1629bd34ec76e6b93e064&gdpr=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e7ed60410134c528/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=e7ed60410134c528/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=13d2ef7e50744eb3

Request Chain 397

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTI5NjRFNUQtODBEMC00RjM2LUJFNTAtMzg0RDU0REE4QjBC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 398

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFk3ITqjkygOcVbQHfVbdIQ&google_cver=1

Request Chain 400

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8292620037477096203

Request Chain 402

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489228004284970727&gdpr=0&gdpr_consent=

Request Chain 403

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y4HjUWyC6lB40bMHZYP_Um2GsV14iuIHY4ssLwdb

Request Chain 408

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADmZk7GKSEAAA6zlz5J-g

Request Chain 409

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6489228004284970727

Request Chain 410

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8292620037477096203

Request Chain 411

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=6b1f6137-3616-45d8-8aab-391da36aaf24

Request Chain 412

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4143778246272599941640

413 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

545 KB
93 KB

22ms
22ms

Document
text/html

108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

24c4ef9d117ed41a7b9fe743dc8fe737d6aca292c82d090a6efdbba03f5e6abc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
age: 60
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 11:47:15 GMT
etag: W/"8839a-K8Jl9IkkG17qc5wzMVLD7mTGny0"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-id: IIw3Zjf4zBHQ3eF6Xym8_6mlS027tZ1WiitdcABwS-q9U3kYdtSFhg==
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Sun, 04 Sep 2022 11:48:15 GMT
location: https://www.thestar.com/?redirect=true
server: CloudFront
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-id: HNQJPeiduZxDd5eFi15xrwjlWvpAqVCmc_mmMEAZEexpR5WzFLxRgQ==
x-amz-cf-pop: FRA56-P7
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 53ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 09:55:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 11:48:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 11:48:15 GMT

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 26ms
21ms Font
font/ttf 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:38:40 GMT
content-encoding: gzip
age: 11375
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"6028-182cbe97150"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: QYaPNUcVNxzoaYpHO9C4iW3vJTGbow1Rx-qrlcs1MDdRkMKXpqOPuw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 29ms
24ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 10:40:41 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 4054
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"478c-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: M20E39AKdnPL_7X4PPV1iE2kKjAKx7ScHWhHqBG97amf88CInjyROQ==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 30ms
25ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:54:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 10439
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"4764-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: z4sgdDm_fmnI2iL3YCamOd17IfFXvpfKv2gsWzlYo72eWhgboda7LQ==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 33ms
28ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:08:14 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 13201
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"4a6c-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: 7fN7sv_mIzB_FWuJExcwAEFQ5QEFlvxXp2SyPtRzuq7OFZXaInMZRg==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 27ms
23ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:15:34 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 1961
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"4930-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: _yI9_xulSzFiEayAaFD16YOWMyyt2wCSoqdXKVpVd4-8plCFxbhCDg==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 33ms
29ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:30:15 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 11880
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"d6f8-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: lbsYF68MDU3JKfkEcqkTHcb_wCxHhpNdkFU7y_aIIRooW6Q80Er-QQ==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 35ms
31ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:43:33 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 7482
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"d1a0-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: BF5S8aJWjFejD4Ozd-8D8e8ee3Rh0esxiM4fnpUGc0dh0mUwqgNi1w==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 30ms
26ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:21:11 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 1624
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"dc3c-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: V7un4Fka1jok9tJLn6ROCSJ-VoC7gB_Qn2sFaNN4C3yMUWPovTqXbA==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 37ms
34ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:12:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 9359
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"d610-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: S8xm23tfFjns1AcsiRton7idGg9H68wVOZGLkfaimXObgfkWqNp-Bg==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 39ms
36ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:57:31 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 6644
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Tue, 23 Aug 2022 18:14:10 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"d420-182cbe97150"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: IBj9-t1FdO6D6v2zCFQTYswi2BNXkUQT-jrwfDRxdX-yypNXsQxwRw==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
2 KB 59ms
8ms Script
application/javascript 13.32.121.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 07:01:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
age: 39296
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 6ARNDJdpFg26VdS-CFqnKqSKTtE4MfH1CXc1n9A_GRepBupsLpG3Jg==

GET
H2 200 script.js Show response
e377.thestar.com/ 142 KB
42 KB 77ms
8ms Script
text/javascript 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

3900b7c64161a9beaaf6f4cb42dd70b934f6d405fd97b3a6aed5db8c45f1c4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 82
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42053
x-xss-protection: 1; mode=block
last-modified: Sat, 03 Sep 2022 09:44:15 GMT
server: -
etag: a6c318fc9a6ff35baaaf9c4193a2b2e0
content-type: text/javascript; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: FRA56-P5
x-robots-tag: noindex, nofollow
x-amz-cf-id: hUHffHLCAxjKS987F6gwyyvqzqJwadLVm90SdHxLY7wss8pxJzdl7Q==
expires: Sun, 04 Sep 2022 11:56:53 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
46 KB 77ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743ccf7c6195413f346cedf25f8572293baf18a87fcb6d0090b74ae4ada25670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 18:50:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 12:06:54 GMT

GET
H2 200 72.css
www.thestar.com/static/ 6 KB
3 KB 12ms
10ms Stylesheet
text/css 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/72.css?v=7db92b637058f6d7a9ef

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

adf4a7ef4e7dedcbcacd0dba7dd2cdff51f09f6add450cbe42936bdbd8591b2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 15:24:30 GMT
content-encoding: gzip
age: 73425
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:20:41 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"19a0-182cbef68a8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: yfySFUEjk_lYCdZpVVEhvOMAbhE2zRGImdYyoNWHKS-iCMHalE3UQQ==

GET
H2 200 bundle.css
www.thestar.com/static/ 381 KB
61 KB 13ms
10ms Stylesheet
text/css 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=54d536299c0e88404dee

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

51951a731f6bdf55550e36101ae73323a699d3320f85e14d8ba0e02e5e191f6c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 15:24:30 GMT
content-encoding: gzip
age: 73425
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:20:41 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"5f540-182cbef68a8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: lx0zKY_uWo5l500fITYW42zt6P5U7fMnMAZpO676VrcZJvEcouNXgQ==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 515 KB
129 KB 68ms
32ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6a18f0de76888d35572a456bf421c0ae31b5bbb4949a4747b704f3e8792c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 1598
x-guploader-uploadid: ADPycdufkdEgItp6GyPH7o6TSKFUl3MeTMlt5PMzO8NsWAkdcLF1hMp3CGEoDUvwXQfTJGy6OT7Ey3r8b3Kq36_BEBCRgeV1Sdto
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 19:01:37 GMT
server: cloudflare
etag: W/"684d869d521a44c8db9d7eee616c97b3"
vary: Accept-Encoding
x-goog-hash: crc32c=/ElLUA==, md5=aE2GnVIaRMjbnX7uYWyXsw==
x-goog-generation: 1660330897969360
cache-control: public, max-age=900
x-goog-stored-content-length: 134587
cf-ray: 74567ebc2a9f6925-FRA
expires: Sun, 04 Sep 2022 12:03:15 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 251 KB
87 KB 191ms
36ms Script
application/x-javascript 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 50ea706308e049e1d78063e1b725055dc65ce88d3866b53d29a63b9b1ee8ed9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 11:48:15 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: J3CW75902JVNZ5A5
ETag: "637ada41d7575818f4a5955ce94efb13"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=56636
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: PnBItdCNK3aHokZxGKwqHqBNpf8RfVAD+PA6WITqPfWitX9dKI791mv78ZvIhTX+PGU0ujV1TBE=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
467 B 9ms
9ms Script
application/javascript 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:35:18 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 7977
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"16-182cbe97538"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: q9SXr3rhUqTy4NSSTc3hTwhvipq53epMg6P5c6uhAV3RN1IGm5Pswg==

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 35ms
31ms Image
image/svg+xml 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 10:29:42 GMT
content-encoding: gzip
age: 4713
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1df3-182cbe97538"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: w8qR7d8eRuE9Aim5o57IiuLQbuINWO5nWioDzvlVSJdFiGmIx60a5w==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 34ms
30ms Image
image/svg+xml 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:38:41 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 574
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"24d-182cbe97538"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: dMawKJro07tdj_w5mBC0-ztlEjCDRvjr8o7r9URBtMWDAs4W0ZaG_w==

GET
H2 200 Raj_Althia_logonew_2021.jpg
images.thestar.com/j3otWnxhVoNyIWz2Di7JDMe1CCM=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 64ms
10ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/j3otWnxhVoNyIWz2Di7JDMe1CCM=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Raj_Althia_logonew_2021.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ce77f5d01c98082766c207c37cebca004ec1f988394cdc69aa4d052fd6f87c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 19 May 2022 00:42:00 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 9371175
etag: "ae2872e63fb226ffda379a71863dbfc27cde3632"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 1952
x-amz-cf-id: WnaWZGJkslSB3hA7gggiyd7gj1EiziIyVxi2ZljtIxIfitk-rQBq3g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Cohn_Martin_Regg_logo_2015.JPG
images.thestar.com/Lxby2C4VDsuLK-aoa64FTTGS2uE=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 64ms
10ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Lxby2C4VDsuLK-aoa64FTTGS2uE=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Cohn_Martin_Regg_logo_2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: da28bf2e84f3c665cdc032009284db31ef760cc2af92d663d74f698ed03aaf30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 18 May 2022 14:32:53 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 9407722
etag: "643d3b3e69fe6dd50ee5caa5cdf452b7e36067f6"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 1652
x-amz-cf-id: j-KwbJYxSUAojF2EouUVnuWDg0bKgjUPqZ6wlyz0zjpN9w89x0-Lbw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Wilner_Mike_logo2020.jpg
images.thestar.com/Uv1m5CMoUbrwuEoNTUZjPWYRXXc=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 1 KB
2 KB 64ms
10ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Uv1m5CMoUbrwuEoNTUZjPWYRXXc=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Wilner_Mike_logo2020.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60287a1460bc8b22c0f7bbd3f69b5ab66dbda934ec8d94dfdcc1183a15b9cd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 18 May 2022 16:30:14 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 9400681
etag: "c625816b50cd9e4157ed39bd296623ce6d088d39"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 1472
x-amz-cf-id: H0BwiCgeIG1jPivUnAUQf4JOZZUKSbTnRHpGujzochnskyF0ISnxeg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rpj_rentraises02c.jpg
images.thestar.com/w3juxQLNbv0XsWD8tMQBHTlAfxs=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/02/agis-further-threaten-affordable-hous... 33 KB
33 KB 65ms
11ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/w3juxQLNbv0XsWD8tMQBHTlAfxs=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/02/agis-further-threaten-affordable-housing-in-toronto-say-critics/rpj_rentraises02c.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 866a92d987e4e700f5801c3d4c78c1006c666779d7b33c2dd8a0c72abbd5be2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 10:19:18 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 178137
etag: "90fd99739c161d84cc8902ac3f8b2ae4dafca8c0"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 33662
x-amz-cf-id: caNADvGSMrw9NQ2gbeD1SYkxZp6yL781vOsiJEY7r9Zn4HGBDLi9MQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eopic.jpg
images.thestar.com/tfGVm_7Q16dBw8owXsSMQNm2Fvs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/tiff/2022/09/03/a-sad-donkey-a-space-doc-and-david-bowie... 65 KB
66 KB 71ms
17ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/tfGVm_7Q16dBw8owXsSMQNm2Fvs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/tiff/2022/09/03/a-sad-donkey-a-space-doc-and-david-bowie-heres-12-picks-for-tiff/eopic.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 430c4c62992effb25244e4236cc4b25bf3ca53736b3cdd580978d2412783a7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 12:04:47 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 85408
etag: "554e60ccea717f8858c078696d920b91290bd89a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 66764
x-amz-cf-id: xsfoRVgfQ-8tirHgsWHUiKr3RLKAbxYb5_S6nynLhNKcRJxEKrkljQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 toys_jpg.jpg
images.thestar.com/zIW7SxagH9ZYkzHZ26SCbnItF7w=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/03/the-faceoff-hasbro-is-a-market-leader-but-spin-mas... 54 KB
55 KB 65ms
12ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zIW7SxagH9ZYkzHZ26SCbnItF7w=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/03/the-faceoff-hasbro-is-a-market-leader-but-spin-master-has-seen-revenue-balloon-which-toy-company-comes-out-on-top-heading-into-the-holiday-season/toys_jpg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6054a055f0e053acd7c8dbab52cae1bbb5569aab59bbebadaef65b24bad10c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 10:10:15 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 92280
etag: "71a93c54e08db045b9ddd3a44fea3811b9c0069e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 55430
x-amz-cf-id: z9Bm3PzlWRY3CapsQvjlg1VgK9fjiZgo3V1DCN0k7_oZktD820RaTw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2022090406090-631477470e4c200aa58d6925jpeg.jpg
images.thestar.com/3cX_ANrQ7UlYM_-m5lI0GNyE6B8=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/2022/09/04/john-paul-i-briefly-serving-smiling-pope-is-beat... 44 KB
44 KB 21ms
21ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/3cX_ANrQ7UlYM_-m5lI0GNyE6B8=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/2022/09/04/john-paul-i-briefly-serving-smiling-pope-is-beatified/2022090406090-631477470e4c200aa58d6925jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5fc57c1a4616b220797fc99e0bc0bc75c6345e604b99ee588e522fc65622be50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:41:22 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 413
etag: "a4e8c9345e7cca2f81a9ec41becd16504d390e91"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 44560
x-amz-cf-id: ryvGowEy3mFGZ2dWdHT0e3XhMYV9EsPAAhniQ3tLoY5oe53cnPM3lA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bichette.jpg
images.thestar.com/GlQcDF9kyH66heQKo3JfLq8Tw9w=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/2022/09/03/bo-bichettes-long-at-bat-lifts-blue-jays-ov... 39 KB
39 KB 21ms
20ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/GlQcDF9kyH66heQKo3JfLq8Tw9w=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/2022/09/03/bo-bichettes-long-at-bat-lifts-blue-jays-over-pirates/bichette.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 61df68afe8b06249527f0189457292b07c2962e2617b898c13bfafbfd6f1268f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 03:06:37 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 31298
etag: "91d363c400ab3af2350f61c65c076da8cd22cc7f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 40036
x-amz-cf-id: 1SD41BEPI5qzlqXNgXzjGVxdpwdCP9nqKdIm2tKtj8v1DyidrermJQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
721 B 33ms
30ms Image
image/svg+xml 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:21:24 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 1610
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 263
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"107-182cbe97538"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: 6_69HRcDEEp9MPeQNAaHBj5Zqzqxln5pfepJJrqJsb2jWaBzbBEG0w==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
4 KB 34ms
31ms Image
image/svg+xml 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:32:23 GMT
content-encoding: gzip
age: 11752
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1e63-182cbe97538"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: ScF1YiJTHIycvZHPrMUe7nrBgUd9eMdmVID8qICn-dEXDQy2KvVdDw==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
5 KB 35ms
32ms Image
image/svg+xml 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:29:40 GMT
content-encoding: gzip
age: 11915
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"2859-182cbe97538"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: MLtIuHddrUqSeP8GUd1WKZbNTGa9yxmMqJRvA4fX0bngnHQVQpdM8w==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

56 KB
15 KB

222ms
27ms

Script
application/javascript

199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kjyo7100098-IAD, cache-vie6356-VIE

Redirect headers

x-tw-cdn: VZ
Date: Sun, 04 Sep 2022 11:48:15 GMT
Server: ECS (frb/67F3)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 0

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
567 KB 12ms
9ms Script
application/javascript 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e36589874626401fa1c03db70c8e6355924aeeda7289fc0feb243d03a021ce7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:11 GMT
content-encoding: gzip
age: 124
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:20:41 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"200098-182cbef68a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: GFJ_tklUzvcBpBVXsLdgjM8_DV4MNNm-BJUodE9u2iukq3Bh3TB9Lg==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
241 KB 22ms
20ms Script
application/javascript 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=281c3f9f

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

040ea6d7af8105799ba9a554a816159f586aac71c5a67ac8b90cf3670dc7d246

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:11 GMT
content-encoding: gzip
age: 124
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 23 Aug 2022 18:20:41 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"1367f4-182cbef68a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: Z68UPEk52XjL4O8o17zeYy1DLEnvs1_axay_DW3kPoC7afN7lvGa_w==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 10ms
8ms Script
application/javascript 13.32.121.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 05:04:00 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
age: 28338
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: AMKfHHVeWtVfQSMeF1_zXlfaZbeOfq7BUxbizIpzjhJuVsG5xjJhyg==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
3 KB 10ms
8ms Script
application/javascript 13.32.121.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 04:12:35 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
age: 36688
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: UZZDeGzhCfIRULvaE19cSgF6Erbd4cGMNC2KQWHW2VOe7t-0VELXXw==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
709 B 312ms
94ms Script
text/javascript 52.54.133.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json161

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.133.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-133-158.compute-1.amazonaws.com

Software

- /

Resource Hash

281bd54e02d4fec024b01751f3b17dafe0c8c98bac9f5bd45e98bce81b6e011c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 412 B
490 B 1455ms
93ms Script
application/javascript 150.136.198.15
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.136.198.15 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 08fd71300e29bdc2aa0872114431446a30a42c2088ba8d244218918c33fe16d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 412
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 350 KB
74 KB 1184ms
273ms Script
text/javascript 52.84.106.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.106.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-106-80.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 927a35b07d6d31298d26ba231ef01c0007c5f89c70710bde0f25ca54585e89bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:32:34 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 11:32:29 GMT
server: AmazonS3
age: 943
etag: W/"fccb72fa23943cdda1e78ee9baa0c2f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: xwqWEvbyXjamoh_uKaAEYaKLSuwX_eH1
via: 1.1 9d638ed0e686bb5bd14bf9c73c1b0134.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
content-type: text/javascript
x-amz-cf-id: lZqYlJ4sT9pvlOlfNei_Kkvdm4aeVMM1bX8RoTwY4gkwjdtWqbdoIg==

GET
H2 200 main.js Show response
static.app.delivery/sdks/web/ 128 KB
32 KB 56ms
18ms Script
application/javascript 2606:4700:20::681a:890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.app.delivery/sdks/web/main.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:890 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790
vary: Accept-Encoding
last-modified: Fri, 26 Nov 2021 12:00:54 GMT
server: cloudflare
etag: W/"61a0cc76-200b0"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdiz7dVnHQDbLzJu3RBTGcvGNCNmTwtTMbK%2F0gLO9PgTfJJqjd1keANWRIpBet%2Bk0MkcowD4ePdKYgj21IYh1QGoEhHtZEo9jiwpwDP6NvsJf6k6oaXtkpfwsFJTnSETK2ZGG7Y7rCj5UkNbM6jrtAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 74567ebda9e99bc8-FRA
expires: Sun, 04 Sep 2022 12:01:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
84 KB 56ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4921231f07c20c8df43c97b3b1cd1f06d93516f55ee9bc1b9a69ee3712c1efec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85098
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 57ms
13ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 72a4cec145402e8c18fea0ad0e1c6a28afe1b1459fa48b78d94d6baeb6ecb17d

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 04 Sep 2022 11:48:14 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 11ms
10ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 63d505a5671fcad43585ab2aff21bbd1b4d430b7a4562dd6080234127fdf2929

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 08:14:53 GMT
server: gfra1
etag: "6311bb7d-e85"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3717
via: 1.1 google

GET
H2 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 109 KB
28 KB 9ms
9ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 20f9ff7d512bd2f9627b944f9c0b30e5cd5ffcc1263abdee1d53eabcca14c0ab

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 04 Sep 2022 11:48:14 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 08:14:47 GMT
server: gfra1
etag: "6311bb77-6ee3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28387
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 98ms
97ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D44112DD016876E6D688C960208811CDB&h=7540b62b54ffcd0a1370ade1a1f88345&r=0.6372537793209725

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:14 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 59ms
11ms Script
text/javascript 108.138.2.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 04 Sep 2022 11:22:15 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 1560
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: uuyjn2tTCEvMBVGxTdgUpxZyZCrpMw1yVgWtlsy0aaUnMSHlj7pzng==

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
394 B 72ms
17ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: de520bb7e656229af49598b2be71d59d04d5a75ce155df764bce18ba6a5ef1aa

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
703 B 115ms
52ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b67d630d-9f78-4eb1-a17f-831df83617dd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 259 B
364 B 87ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c7b7cbf807bcbd020d4ebba054177b65e53a0352a18df90d4dbafe3d0572017e

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
via: 1.1 google

GET
H3 200 vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 225 KB
64 KB 10ms
10ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: dc8e2cdc99776090ce7cc24ff50e15a8317cc76b66b2a887c302013dca735aa4

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 04 Sep 2022 11:48:14 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 08:14:53 GMT
server: gfra1
etag: "6311bb7d-fe5f"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65119
via: 1.1 google

GET
BLOB 200
OK dffc2544-9e0e-4807-80cc-e75a22e9df5f
https://www.thestar.com/ 296 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/dffc2544-9e0e-4807-80cc-e75a22e9df5f
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb8fd1a6d0d496913054002db2daa057789fe5b480706d6b3a59901fad564c86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 303052

GET
BLOB 200
OK e8ad651b-2924-42f5-8ebc-04fa9489a1f9
https://www.thestar.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/e8ad651b-2924-42f5-8ebc-04fa9489a1f9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c9f5eb566c14c69605fdfd438faafa20d99a5933db3af1856c4e655b8897600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 20393

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 562ms
25ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:16 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 56ms
18ms Script
application/x-javascript 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 9E6806E7D84FC145
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=21469
accept-ranges: bytes
content-length: 54912
x-amz-id-2: Zrs0exCSlH2eR8+Z938XvlVVawaeoJfemWEbut/IN5JaQ1WTLVH5o959X4ax/+VFI7xl1thY5rE=

GET
H2 200 material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 101 KB
102 KB 24ms
23ms Font
font/woff2 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/72.css?v=7db92b637058f6d7a9ef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/72.css?v=7db92b637058f6d7a9ef
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:00 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 15
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 103852
last-modified: Tue, 23 Aug 2022 18:20:41 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"195ac-182cbef68a8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: lK1sVekqBJLUjp5zwr3bxtqPSe3ldvq8kdrp8c9z8NaRn4SiRgPRpQ==

GET
H2 200 hp-widget-2022.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 60C1 12 KB
4 KB 60ms
8ms Document
text/html 108.138.7.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5425fef4de3efe663b669fedc49222d899957394803442eea536408e7016ddc

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 213
content-encoding: gzip
content-type: text/html
date: Sun, 04 Sep 2022 11:46:27 GMT
etag: W/"80c5c323c6908a30d9e9593677b0db6f"
last-modified: Mon, 25 Jul 2022 15:34:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-id: IuhcgJJZgYOJ6f_qrm4idh_RDHu4n80dW_qslVAEmSzuR5m5sb4D-w==
x-amz-cf-pop: FRA56-P6
x-amz-meta-version-id: 2pZx6qmfzyg7X5Efu15uJsrTEqTdvM4_
x-amz-version-id: T6dtsI0looo2_g9hf0yHe5qPQNX_AH2w
x-cache: Hit from cloudfront

GET
H2 200 adsct
t.co/i/ 43 B
336 B 300ms
117ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=9f757d87-13c0-416f-819f-d7cf51ec0483&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=abba039b-575c-4a90-8ea6-9c227cd5aa4c&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuz9l&type=javascript&version=2.3.27

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 109
date: Sun, 04 Sep 2022 11:48:15 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6f404e25d025c118626524e1e6d0949b17f7ea8d3f7b158ee4e258ef9920d25a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 299ms
112ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=9f757d87-13c0-416f-819f-d7cf51ec0483&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=abba039b-575c-4a90-8ea6-9c227cd5aa4c&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuz9l&type=javascript&version=2.3.27

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 04 Sep 2022 11:48:15 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6ec8dcbcf33dc8679dd31ce9356adba4604a9b97db1a91162daef356c7dd252e
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 99ms
29ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26752
x-xss-protection: 0
pragma: public
x-fb-debug: AUagm0s8cHPJXKnxJR34m1v9pvR8UElzXudYBuI7AcvP7P7jd2mOzidbLRwKp+FHHxO9+U2hrk+7S80uDy3DGQ==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 04 Sep 2022 11:48:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 59ms
10ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 03:40:31 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 29265
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: IceLWl_J1sBV6PYquCvTpnOOSjgmiU64Cb-dc_CMxKLl0E6irHUFdg==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 446ms
383ms Image
image/gif 13.32.118.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-153.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 11:48:17 GMT
Via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: TloCoUwQsSWTXaeRGHP42iZcazJpsZq65-NKU5E7pS8AuleVu650Aw==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 56ms
7ms Script
application/javascript 52.222.250.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-115.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 00:26:43 GMT
Via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
Age: 40892
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
X-Amz-Cf-Id: XwJH165-I3XJWNyy6kJ_cgTfN19o1L6k6VtpSV_JhqF39Vst9xSrsw==
Expires: Mon, 05 Sep 2022 00:26:43 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 158 KB
46 KB 97ms
12ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=461747
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c7739b4313f98e7275dd734a1580c1eae0ab8e70e122748b4aa943f838a7a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
last-modified: Sat, 27 Aug 2022 03:48:28 GMT
server: AmazonS3
x-amz-request-id: R1A9SJF6AATAHJDG
etag: "17d09e5cc30567995790377789515f2a"
x-hw: 1662292095.cds168.fr8.hn,1662292095.cds230.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 47098
accept-ranges: bytes
x-amz-version-id: oWb4E6gOUVlM.RQEJAlt15h5cZTfTqdh
x-amz-id-2: 0jP3IRbIC/etymNlEg79d+yxDpxr4y7PtMPjCP7a27rERkcpFSQjjHs5PBO5RRluBVsqEzR9yXI=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 166 KB
43 KB 113ms
20ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 04 Sep 2022 11:35:43 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 753
etag: W/"d9d3c87337955401df6a2e4474e61700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, VIE50-P1
content-encoding: gzip
x-amz-cf-id: LtZPSK238TPNI-ilQS7695yJwM2cAX4TL3VXA1k2-BXdYa4HQWnfTw==

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 28ms
8ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 12:35:36 GMT

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 23ms
21ms Image
image/svg+xml 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=54d536299c0e88404dee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=54d536299c0e88404dee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:24:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
age: 1439
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Tue, 23 Aug 2022 18:14:11 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-frame-options: SAMEORIGIN
etag: W/"2bf-182cbe97538"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: BKdzRJNV1jwy9mnO7lmvi96vjEkvflqZfps2mk0GHIm_8DfBQNcXiw==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0f48248595404b2d99b0bb45bc8061316a3647131cade9bb10eaddc86276209

Request headers

Referer
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 lecce_2_.jpg
images.thestar.com/bkoyUW5SxaSQ3aK6rV8UuCV4PpA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2022/09/03/there-is-going-to-be-stability-and-cons... 20 KB
21 KB 9ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/bkoyUW5SxaSQ3aK6rV8UuCV4PpA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2022/09/03/there-is-going-to-be-stability-and-consistency-teacher-unions-expect-labour-peace-at-least-for-the-fall/lecce_2_.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 95467498f20c7a05718bd8b96c4f2eecfc2997ce0296d49a2371339ebc5be381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 10:02:35 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 92740
etag: "42e31fce4d7e2de73f44d17a39e253126397a161"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 20908
x-amz-cf-id: REQaBLT799ld2shDE-Mz5xfSPydHjd-9BVEImdD4dh9yzZpURqyx7A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rl_flowerpot_01.jpg
images.thestar.com/dz9wzmH5yJbmweU6iYF_NIt6u3I=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/03/torontos-pot-shop-reckoning-is-here-industry-watch... 43 KB
43 KB 9ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/dz9wzmH5yJbmweU6iYF_NIt6u3I=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/03/torontos-pot-shop-reckoning-is-here-industry-watchers-predict-up-to-a-third-of-our-stores-will-close/rl_flowerpot_01.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 578328e993006e1aadf001d01615ea64480a8ddd296eed1e4e60404528ce3be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:06:19 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 88916
etag: "e1f2b1ac164ff6fcb1c0f916607e4ee4a83d6d96"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 43580
x-amz-cf-id: Tl9eIgmKWHTS0hnlTBPa-vEDPtJnvoLRwgOdaQlw0siHjYtPTjsTYA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 clarke_2.jpg
images.thestar.com/XMrwzc9XtwgtHz_6FyarA7umJIU=/0x0:1167x778/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2022/09/03/bobby-clarke-sets-the-re... 38 KB
38 KB 9ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/XMrwzc9XtwgtHz_6FyarA7umJIU=/0x0:1167x778/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2022/09/03/bobby-clarke-sets-the-record-straight-on-infamous-summit-series-slash-and-his-rocky-relationship-with-paul-henderson/clarke_2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5726d68edccd1c8876a7b4c66d3f36334306dc20d826515f362f13100ef612e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 20:16:29 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 55906
etag: "d2b5ce55df0392f3838f1dcce0d7acd17dbc401f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 38556
x-amz-cf-id: h3q05pyqYL6FFCQsTKQouWsXwmAS_jIa0AbEXlAcGWGYhmV4Ja8H6A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 joella_almeida_jpg.jpg
images.thestar.com/9soamOdJKG-10j2jteNGb-toInQ=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/03/medessist-ceo-joella-almeida-on-community-pharmaci... 13 KB
13 KB 10ms
10ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/9soamOdJKG-10j2jteNGb-toInQ=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/03/medessist-ceo-joella-almeida-on-community-pharmacies-as-healthcare-hubs-the-shopify-model-and-the-privatization-debate/joella_almeida_jpg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: eea295f2f83e5d861b13d33b5e627d28f4e0f8fb93e568016da20179af00ba16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 11:07:04 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 88871
etag: "c581a1c1c30dac010e4f2b0266382ed585d24367"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 13014
x-amz-cf-id: aJLkz8xOEbx6XrYhrkaFMgNhfXoS5fPwMis_cVFz8dNyyleb7Evvrw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 47ms
31ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: fc05ec05778cbf55f319c58dde43bca6e0eb176f610003865a7ce7d080330a94

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 20ms
11ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 08:14:47 GMT
server: gfra1
etag: "6311bb77-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=281c3f9f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5cbbeb4972b3717ac08103b4ad7902368d349c0aa0523882bd1524cb7c58185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28503
x-xss-protection: 0
server: sffe
etag: "1323 / 812 of 1000 / last-modified: 1662156516"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Sep 2022 11:48:15 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
449 B 10ms
9ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:12 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age: 123
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-P7
content-length: 19
x-amz-cf-id: 07D9g5ouIUUTlgFUzoXGw7DAwlmyyUx0tgKZKRgdT2Dwn8kvahXBTA==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
447 B 8ms
7ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:12 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age: 123
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-P7
content-length: 19
x-amz-cf-id: PismJBMESQ5foo5URMT93xVb_DrTapKNHW2j8kBlmtJq2A5ap_7e8w==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 306 KB
66 KB 248ms
33ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=281c3f9f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f36eefad1b9a90aaa5d1c77f35aaa6b6275b7f7d179274bfd7de0e0463eaf205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "cd8605367894787905b99f4be39c7ff8-453c023483f1e4f1f6e17b9ea50c25d5"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 67321

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 8ms
7ms Other
image/svg+xml 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 11:53:37 GMT

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 36A2
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=461747&publicationId=thestar.com
https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com

26 KB
8 KB

75ms
75ms

Document
text/html

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4afe1f8594749c9df5e2c5e359dd65f95fcee751af9d3d3437caeaff0046da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I6bzf2uqy7lhzVB88_IV-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-I6bzf2uqy7lhzVB88_IV-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-mvcOj7Mme1q43aU6UYqprA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 60C1 4 KB
616 B 48ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 10:16:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 11:48:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 11:48:16 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 60C1 207 KB
69 KB 420ms
419ms Script
application/javascript 108.138.7.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date: Sun, 04 Sep 2022 11:48:17 GMT
x-amz-cf-id: CO_xF1CcBJL7vlJ1SmEbKlRifHg5VCMp6-GL3Duf6j7zfYp94Ry9UQ==

GET
H2 200 datastore_search Show response
data.ontario.ca/api/3/action/ Frame 60C1 1 MB
72 KB 1446ms
578ms Script
application/javascript 2620:1ec:49::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=10000&callback=getData1
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56f54ab8c2216361b118e584269f065009757ebe14042190cce66e14b4aa6ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: max-age=1800
access-control-allow-credentials: true
x-azure-ref: 0gJAUYwAAAACF1PyeWx8SRIK8o6ahHT8QRlJBMjMxMDUwNDE4MDIzADU1NmY5ZGE3LTc3OGQtNGUwZi1iZmEyLTBkNDM1ZDljZTNjNw==
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
expires: Sun, 04 Sep 2022 12:18:17 GMT

GET
H2 200 datastore_search Show response
data.ontario.ca/api/3/action/ Frame 60C1 1022 KB
79 KB 1446ms
577ms Script
application/javascript 2620:1ec:49::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=e760480e-1f95-4634-a923-98161cfb02fa&limit=10000&callback=getHospitalData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ba96b7a78b3a0e542f2fc244a5f3faa5569c2f5fca694edd704e687c70618dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: max-age=1800
access-control-allow-credentials: true
x-azure-ref: 0gJAUYwAAAADYLLk8QGBSQp1+TRdaeP94RlJBMjMxMDUwNDE4MDIzADU1NmY5ZGE3LTc3OGQtNGUwZi1iZmEyLTBkNDM1ZDljZTNjNw==
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
expires: Sun, 04 Sep 2022 12:18:17 GMT

GET
H2 200 datastore_search Show response
data.ontario.ca/api/3/action/ Frame 60C1 273 KB
29 KB 1453ms
585ms Script
application/javascript 2620:1ec:49::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=10000&callback=getData2
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d44118dd75bd02616e1591bb1575629e0c19e90626ce017ffbc9ffde8c36d050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: max-age=1800
access-control-allow-credentials: true
x-azure-ref: 0gJAUYwAAAABNKOo5cTAYSoO6etqbsdifRlJBMjMxMDUwNDE4MDIzADU1NmY5ZGE3LTc3OGQtNGUwZi1iZmEyLTBkNDM1ZDljZTNjNw==
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
expires: Sun, 04 Sep 2022 12:18:17 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/thestar.com/ 2 B
61 B 95ms
95ms Fetch
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.thestar.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 8ms
8ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1662292096145&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 1V12nfxTqBkyjx37s0o0TNmjYgKjiIP1-khSWDCmFTImf4h_NZWh5Q==
x-cache: Miss from cloudfront

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 57ms
8ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 04 Sep 2022 04:07:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
age: 27825
etag: W/"62b5164f-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: oOvg0knbV5lswxN8kzWkk7u4yiKsR3ADhnQH9Q0en-BacFBd6mRZTA==
expires: Mon, 05 Sep 2022 04:04:31 GMT

POST
H2 200 160 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 83 KB
15 KB 472ms
472ms XHR
application/json 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/160?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-09-04T11%3A48%3A16%2B00%3A00&ts=1662292096147

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

f44feee7742dd48bdbc857e88776794226551c910e6ce72308d12b73a55e8e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 13786
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8eVDjrHjZf5ISDjAcSagkowCEIowEMkw6KceqAEekXzZ4FYVHT3MVA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 9 KB
3 KB 286ms
235ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 782decc222276b3f0e5b65172075b255dd801eab0e0dc172217a5925948f3fc7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 7 KB
2 KB 253ms
205ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 5bf5694f1fff20fd00703fe7458294f4fc41cdb819914caaa10221f945213430

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 10 KB
3 KB 249ms
204ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 748308bbaa4b669bbec85fbe27c40b7150108e1f03290035a7c5f147010fbe2d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 11 KB
4 KB 272ms
231ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: d352a791f88d9f0161c01a5f09c8e20312b854ba248f49146dee582f604f6964

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 11 KB
4 KB 230ms
192ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: d29e4b4177ec95b9c5b9a5847159dc5593ae49f7a4d182f6b9c47ba5c6f9f0cd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 5 KB
2 KB 273ms
238ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 95003ed8f3d2f1943ad394e0315cb7aa33060ae1a8d715799f7529b59345dce4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 12 KB
4 KB 251ms
219ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 5513624c3d1f1ee8234d1bf7396931509b80962ae772154abcc0ca83bdfcaab9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
175 B 151ms
135ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=1260&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=4&jsfv=nbc&ts=1662292096159&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 40ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

581903b979c49c77fa5ccb3f0d06473eda49f43ff8ed576f34db065d4729518a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74891
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 42ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18f1a91fb91b6bb762fed65ff6285e9422db12b27c0c8ee61ce54076df4a3fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75347
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2776
date: Sun, 04 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 04 Sep 2022 13:02:00 GMT

GET
H2

200

web-vitals.umd.cjs Show response
unpkg.com/web-vitals@3.0.1/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.0.1
https://unpkg.com/web-vitals@3.0.1/dist/web-vitals.umd.cjs

0
0

16ms
16ms

Script
text/plain

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unpkg.com/web-vitals@3.0.1/dist/web-vitals.umd.cjs
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GBTREK5MEE3BRBYEYGHBC8CC-fra
server: cloudflare
age: 315435
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@3.0.1/dist/web-vitals.umd.cjs
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74567ec1aa00bb41-FRA
access-control-allow-origin: *

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 34ms
34ms XHR
text/plain 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 07:54:32 GMT
via: 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
server: Server
age: 14024
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: LDAKpH-IUQDPtuZFgxE8-H2_9-AA47op-TGKgICrFS6QV_8-8atzAg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 57ms
18ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 31067
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 03:10:29 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: D7melHUvwj7thVXbACW5SxNpl8whDScibZGa-xPpuZO_nqxpYburYA==

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 5 KB
2 KB 249ms
216ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 0181f16e6dd0d3e05fb7e3eaa153ab270716efa2943a52862b8a67ebc9e38abd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 4 KB
5 KB 251ms
45ms Script
text/html 52.212.208.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5DhgB2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-r9Uxai45ex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-mw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&rx=253901059049&callback=MoatNadoAllJsonpRequest_87113813
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.208.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-208-199.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 8bd93f9ed7e7c12f809df29ddd459ca1ea1e95d92e2b18c94778587a03542cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "0b08001e72f33eb726f467ff6bd85c33f28ddaa8"
content-length: 4454
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame C4B1 1 KB
2 KB 23ms
22ms Document
text/html 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=907
content-length: 1374
content-type: text/html
date: Sun, 04 Sep 2022 11:48:16 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: MrdPZgDY1CyIfh5A+NrvWN3zzcPpav9fxlA/H4bKRoXxHGSHeCFTJZ7rA8qWgbhnyFXO+NPKclY=
x-amz-request-id: E79E4895C627A6D1

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 36A2 0
27 B 68ms
68ms Other
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NComyBARo_msejY9UwImjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
date: Sun, 04 Sep 2022 11:48:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-NComyBARo_msejY9UwImjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022083101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 17:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131962
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 08:36:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 03 Sep 2023 17:11:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
770 B 92ms
41ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 36A2 21 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 12:35:36 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7F... Frame 36A2 170 KB
60 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7FFdrDB32YtCgIHH7MO_z9OrqnTg/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d33d85b41fc74243c3253fdd3c4bc2015aeb2daf961a6ecd36d515cbb6bf583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61042
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 04:58:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 19:31:27 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 401ms
23ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: afd090eea822669ff19992b4a366b167a6077bf8c052fc6cfa0df8a7223b1821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:16 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK chunk.89041.088460e0.js Show response
widgets.media.sportradar.com/assets/js/ 135 KB
40 KB 21ms
20ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.89041.088460e0.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f966a1dbaef12876a7a3e809b4a14d7c22728cdec92611b45c3b315bc0f670ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:39 GMT
ETag: "a5a2ffc3b52da2938ddf2615fefd0867"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40242
Expires: Sun, 02 Oct 2022 15:10:39 GMT

GET
H/1.1 200
OK chunk.57420.88666b64.js Show response
widgets.media.sportradar.com/assets/js/ 332 KB
88 KB 54ms
18ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.57420.88666b64.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d528a309f22004c2a778f660d9ffdb29946e5e09d651c7e92405c0c13f0dd19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 23:23:39 GMT
X-Served-At: Sat, 03 Sep 2022 00:01:38 GMT
ETag: "0b758f5e2c34dd37aa8325c5b3371f2d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89982
Expires: Tue, 04 Oct 2022 00:01:38 GMT

GET
H/1.1 200
OK chunk.74425.ebde78dd.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
5 KB 64ms
18ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.74425.ebde78dd.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

bbe7f72aa2b2a720f2b5ce1fea54abb1aaf934c262e5bef4649d3a79952e5ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "469732036bf97b2300d0723d6dbda336"
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 4684
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.18709.99d97b97.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
5 KB 94ms
40ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.18709.99d97b97.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6fe6bbe04bb7abfff7752c4a026b8166de85eb8ba3617174dcee9a5f84daebde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 15:37:51 GMT
X-Served-At: Fri, 02 Sep 2022 07:17:36 GMT
ETag: "c6d1f1208fb9d3f76b175bdaaa139109"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4636
Expires: Mon, 03 Oct 2022 07:17:36 GMT

GET
H/1.1 200
OK chunk.75472.dc8df7e6.js Show response
widgets.media.sportradar.com/assets/js/ 20 KB
7 KB 18ms
18ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.75472.dc8df7e6.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a8b117ed693bb8cac90e9a23a055c60eb3af867b3b75fc987f178a74fd28121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "9a1fed5f4948def3203ac125895bd0a4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7009
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.58047.fdb78a37.js Show response
widgets.media.sportradar.com/assets/js/ 10 KB
4 KB 21ms
21ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.58047.fdb78a37.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4542b9d8c313c5e4232bc17332661fe489a19378e2d3c69ae4579dec0a314ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "6783f18f79854727c4f2a1fb91439eea"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3644
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.87159.2c0230eb.js Show response
widgets.media.sportradar.com/assets/js/ 99 KB
26 KB 23ms
23ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.87159.2c0230eb.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

cdc0009cd383f3a732ebdfa39454207282f850afb963725e7952634cb261e25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "140c9928a4e289a370a569561dc5d0a5"
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 26370
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.872.c6303c63.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
6 KB 21ms
21ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.872.c6303c63.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "2e33f72f6efa38ea0852e0d2951de36a"
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 5766
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.88139.274c7355.css
widgets.media.sportradar.com/assets/css/ 20 KB
4 KB 40ms
18ms Stylesheet
text/css 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.88139.274c7355.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "c49787c1d88ae88587d40d3a2128e530"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3803
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.88139.adbb4ec9.js Show response
widgets.media.sportradar.com/assets/js/ 22 KB
7 KB 20ms
19ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.88139.adbb4ec9.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3c5918c53d70bf9f21e1f5243c5b6e9d9dee3ac3546ea2fef323488b3017e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "027495a255e5e92e0a087b963f104b4d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6491
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.56615.93993c2d.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
7 KB 20ms
20ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.56615.93993c2d.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "17d28dd8a0d379cf3bf8a0fde19671e3"
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 7004
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.36369.753205cf.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
4 KB 21ms
21ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.36369.753205cf.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "d732fcd8139e215ea39b473933d09bdc"
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 3139
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.99585.6e733a73.js Show response
widgets.media.sportradar.com/assets/js/ 14 KB
6 KB 32ms
32ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.99585.6e733a73.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d745e8b5de29c794d781c7dde118aa34cc84377b9d6218fd6368895b97d7a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "d6063eeaacaed78f1641ee5f5a912ee4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5103
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.56304.14fe8248.js Show response
widgets.media.sportradar.com/assets/js/ 10 KB
4 KB 28ms
28ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.56304.14fe8248.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

49d136b8059cead362b283b6c3efbb8c69d19b29728e3d56d94a54557922e6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 15:37:51 GMT
X-Served-At: Fri, 02 Sep 2022 07:17:36 GMT
ETag: "3f51ab5a23d2abef2a197336ed2cff35"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291
Expires: Mon, 03 Oct 2022 07:17:36 GMT

GET
H/1.1 200
OK chunk.73555.8430bb6f.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 18ms
18ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.73555.8430bb6f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

6e2e1bdc9827ee199b4e244fc97b8451e569b9ec5e38b8b77fa0cbc4c1764dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "831a465f2b1c72300a99834da0c21403"
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 3846
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.69233.2de7d33f.js Show response
widgets.media.sportradar.com/assets/js/ 21 KB
6 KB 19ms
19ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.69233.2de7d33f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e1b03cb841dd8bff70b44087173de3d9c9218bf79ab815e213fec2050818f39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
ETag: "559845b5116c7087559f607bbab89969"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5909
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK chunk.83679.39482dbe.js Show response
widgets.media.sportradar.com/assets/js/ 27 KB
7 KB 21ms
21ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.83679.39482dbe.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
ETag: "ef4b2e812247d35ae451639597ae1800"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6245
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK chunk.80219.7bcf682b.js Show response
widgets.media.sportradar.com/assets/js/ 24 KB
8 KB 19ms
19ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.80219.7bcf682b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ec3972e5b1d22016afd301c0194f97ebdcab27102ec7ff5468d2c0ec17580cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 21:59:56 GMT
X-Served-At: Fri, 02 Sep 2022 22:58:08 GMT
ETag: "9f598b75a1a4a7ceb823c465ec954199"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7868
Expires: Mon, 03 Oct 2022 22:58:08 GMT

GET
H/1.1 200
OK chunk.84814.cfe59253.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
5 KB 19ms
19ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.84814.cfe59253.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b88c0e7d5f60f391a48a488f106b3c2c3331305f793f79b3f77ea83543d2a680

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
ETag: "1264121e037e51caaaf80f459b7124ac"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4272
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK chunk.50398.cda70f66.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
6 KB 34ms
34ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.50398.cda70f66.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aeb3d7af2fd0bee15508ecd43a60a084984c793cbdad4f11ea1dd56b05c32b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
ETag: "638e11ecd7233f03119fe35cd6e8c670"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5871
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK chunk.95874.4826cf18.js Show response
widgets.media.sportradar.com/assets/js/ 24 KB
8 KB 36ms
36ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.95874.4826cf18.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a501c1c65c29ee1db58d11911089a893f41dc79bc9bcd784b2639d8965dda8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "e01799db769b662c6fd7a27ae2d843df"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7991
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.51996.70915f8a.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
6 KB 23ms
22ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.51996.70915f8a.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

af9aacdd720170787a55f7afad50e7226ff58940b10341214eb787346d097737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "580eefa285a43ac9f8b3c4fb44f54a4c"
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 5236
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK chunk.85559.59b07353.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 19ms
19ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.85559.59b07353.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

26a8080a3d37c705cf975d6ab8b7a4162d81f5fbb609218067b38238c44b549e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "02b4bdfb1e312501ecf0dc5a0c3cedd4"
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 4066
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK chunk.us.common.scoreTicker.d9cdceff.css
widgets.media.sportradar.com/assets/css/ 35 KB
5 KB 48ms
19ms Stylesheet
text/css 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.us.common.scoreTicker.d9cdceff.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0525dd2088d62450cfe408224197cdab8c33dd6d394e16ed65eaa799fcaa830d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:20 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:40 GMT
ETag: "b0052fa1d6c4d4f5ea6cb9d3b57ddbc0"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4370
Expires: Sun, 02 Oct 2022 15:10:40 GMT

GET
H/1.1 200
OK chunk.us.common.scoreTicker.43fb3954.js Show response
widgets.media.sportradar.com/assets/js/ 126 KB
32 KB 21ms
21ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.us.common.scoreTicker.43fb3954.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

704dbcc9861900d88715d55a12ee4555fc29a49767261a08b1b9acc30aac744b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 23:23:39 GMT
X-Served-At: Sat, 03 Sep 2022 00:01:39 GMT
ETag: "0b0112d11dbd64bb42f53e5920b4751b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31891
Expires: Tue, 04 Oct 2022 00:01:39 GMT

GET
H/1.1 200
OK chunk.react.c90b388a.js Show response
widgets.media.sportradar.com/assets/js/ 128 KB
41 KB 23ms
22ms Script
application/javascript 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.react.c90b388a.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a8baff084295a25ec768925d4c47582fe2cc593132e61a394090fe890dd4ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 14:16:19 GMT
X-Served-At: Thu, 01 Sep 2022 15:10:41 GMT
ETag: "1cd831993775dfe5a1193aedff2b6e86"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41051
Expires: Sun, 02 Oct 2022 15:10:41 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
27 KB 74ms
22ms XHR
application/json 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1662160664801&h=0a85e093fc3d495c20cfc910a8752d45

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd3c9891d6a9da85f11b09c905b4ba1717b94d0df35e3826db98eb2c56268836

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 23:17:44 GMT
Date: Sun, 04 Sep 2022 11:48:16 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 26725

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 37 KB
5 KB 541ms
490ms XHR
text/css 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 23:18:04 GMT
Date: Sun, 04 Sep 2022 11:48:16 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4246

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
10 KB 109ms
57ms XHR
text/plain 2a02:26f0:f700:4::212:4f1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f1d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b45bf0e9f8e3baa36246b21102fa37e44fcb176237a42d788ffe44008d542a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "d8fdb7484763fc7e45458289837be4f9"
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Date: Sun, 04 Sep 2022 11:48:16 GMT
Connection: keep-alive
Content-Length: 9416

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 34ms
17ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1609319305&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=627774596&gjid=1126790003&cid=740898286.1662292096&tid=UA-70431129-1&_gid=926370253.1662292096&_r=1&gtm=2wg8v0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&z=307617433

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1609319305&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1304218372&gjid=1515794437&cid=740898286.1662292096&tid=UA-73335503-3&_gid=926370253.1662292096&_r=1&gtm=2wg8v0P86MZHL&z=839044505

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 43ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=2oe8v0&_p=1609319305&_gaz=1&cid=740898286.1662292096&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662292096&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
338 B 56ms
18ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=740898286.1662292096&gtm=2oe8v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 87ms
45ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=740898286.1662292096&gtm=2oe8v0&aip=1&z=1350631070

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=2oe8v0&_p=1609319305&_gaz=1&cid=740898286.1662292096&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662292096&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 52ms
17ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=740898286.1662292096&gtm=2oe8v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
45ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=740898286.1662292096&gtm=2oe8v0&aip=1&z=1823085213

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=740898286.1662292096&jid=627774596&gjid=1126790003&_gid=926370253.1662292096&_u=YEBAAAAAAAAAAC~&z=1519987321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 04 Sep 2022 11:48:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 36A2 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=461747&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 433811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Aug 2023 11:18:05 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 195ms
194ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3a0d36fe29e2f048934541fd61222d725c6b350e6549a4868d7d0f95158d8f8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"2115-a3re6j6HV9RJ+Jkn3Yoiwf+zEwA"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: DsB5939E4gqMFKmp9bSQ7xI1-1bcL9u8hv2AP_R8U_w6_OtfSVk0hQ==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 190ms
189ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

fc3dbc5eef2a36dc41affc8c3cee6289f1435977b73d0daba295a85344bccff2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"1e21-hdiqnXGpKxwSdrw+zC7U5WZ4BJU"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: dmPDEAtfMvqFfkiAIE28yME1Bg85hTHlnVjzr6pkROBuIqu_u081ng==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 197ms
196ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

49b912c86e46e2c6765fdc8b867e6865eb213b56dbfd447a494ece7e27debdc3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"1773-07E/jkZozTLVgd2dGUIgyM2CUIg"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: WERFsAMdmSJXWBKIgqEcbQmSuLYaUxuIISp4rdt2OOxJQYLW4BDx5w==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4Cp8YRsFiWo.L.B1... Frame 36A2 133 KB
45 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4Cp8YRsFiWo.L.B1.O/am=ZAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4fNLiAEJ0s9A0SU4Fo6giinZqrXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7FFdrDB32YtCgIHH7MO_z9OrqnTg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

723567a8970192d61383b601d5dd9c9f7553951cc55618d03539b4ac7b9c92f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45824
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 04:58:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 19:45:31 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
2 KB 190ms
189ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ee54d346df7760519967663a4eb6f626f188d75dfe237ccfd92f6048d41cba1d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"2709-COMJF4phCSwnsca33FwwH8TYVGQ"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: AAX3eOPeX4R1nvtLZV3e-ugOgfYmtzG4lxEvDFZMFFt1Fz9pzborsg==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
2 KB 204ms
204ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

79cb4bf53d4f5d60f769343b73b87950db849193e1a72fd63091d938d85b0005

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"23f9-81sWJurnZcltZ63WKHNTruZMe+s"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 6YT27y3TteqNWBPrF7VIqbUSJXRyfAlSsfOlgY-RZN3FF9_ZQCTJog==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 189ms
189ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

65d8a2e3d2d25075af752893f52a235f7734b234d8c94261ecdaaba679f99127

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"1dc6-GsgnlNeFHjkYTADcjGlJRFWePXQ"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: EuGPBuUWq42S2FUcz6y8Sn3qB2nfq5NF8p6XMkxHs_8YhZ-fq2YgRg==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
1 KB 190ms
190ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e492052af049ff5961dc391a36a551fa3a6dabd87a5b17999577c8e72529b136

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"1216-N9o1wBs3ppGvdYGgSKep147idCo"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: TdNpjTCW811WV1vg8RK6pVcbjKuV6x7VWQNYK2JiJsCZfICCH8WLHw==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 165 B
375 B 350ms
208ms XHR
application/json 34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 63b281daa3255bbe447586d28e11338a5f2780954f8a604718f8629226fad551

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:16 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 165
expires: 0

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 190ms
190ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ce717c1171b1eed98275b243c6cd4b13366caffa375dc0fbba4e4f4de03993f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"105e-agErJz0Q2/Tz9u26ClhZeSBfH00"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: qEJutnqaX8y1xHECAFgiBduZlJngqQjgcDCeumvthA7F66QmfZkIow==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 204 events
events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/ 0
0 50ms
49ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=15552000; includeSubdomains;
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/ Frame 0
0 81ms
14ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 11:48:16 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 events
events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/ 0
0 44ms
44ms Fetch 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=15552000; includeSubdomains;
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/ Frame 0
0 91ms
24ms Preflight
text/html 2a03:b0c0:3:f0::1bc:5000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/e4424af2-ceb7-46d4-bba2-0446ecaaca57/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:f0::1bc:5000 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 11:48:16 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4Cp8YRsFiWo.L.B1... Frame 36A2 1 KB
715 B 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4Cp8YRsFiWo.L.B1.O/am=ZAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4fNLiAEJ0s9A0SU4Fo6giinZqrXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe45511fd826d5d3d762d46287466e4f76ae0f22a15fe511e0d27f5404b21d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 689
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 04:58:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 19:45:31 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 36A2 570 B
419 B 44ms
43ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=3574479211967573439&bl=boq_subscribewithgoogleclientserver_20220829.01_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=42497&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16e6211a68edc8551d0179f3c625e9e25fbd7eb5a8bd7aa2c314d4d424b10081

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4Cp8YRsFiWo.L.B1... Frame 36A2 17 KB
7 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.B7kyYsyWfhM.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.4Cp8YRsFiWo.L.B1.O/am=ZAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4fNLiAEJ0s9A0SU4Fo6giinZqrXA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f85038d5f75e407979061a15a7e497b6b81be11a5411ccc6e5aaabfa79eaac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7229
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 04:58:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 19:45:32 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame 60C1 37 KB
37 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:12:05 GMT
x-content-type-options: nosniff
age: 480971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:12:05 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 73ms
73ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=euu4OrtlsXc3l&cb=0&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-9%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-10%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-11%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-12%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: 5ANPXYBE7CPXT8APC7FX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BaVmvafcFKreR6bGOTDg9OIxc6GkosjiPqiuMkoWA7P10u5vfh9QxA==

POST
H2 200 log Show response
play.google.com/ Frame 36A2 131 B
672 B 66ms
17ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame 36A2 131 B
155 B 32ms
17ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
14ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Sun, 04 Sep 2022 11:48:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 36A2 131 B
155 B 33ms
17ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
14ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Sun, 04 Sep 2022 11:48:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 36A2 131 B
155 B 29ms
17ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 04 Sep 2022 11:48:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
15ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Sun, 04 Sep 2022 11:48:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 8ms
7ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:12 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age: 124
x-powered-by: Express
etag: W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: lHSQc6F2X9yFev-yb51YgEAZo7ynR4X9naSr6QjxnqHQuvXrrkEMrw==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 234ms
31ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1662292096613&plid=58585114&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10516%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1662292096302&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Sun+Sep+04+2022+11%3A48%3A16+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=52473633&u=pid%3D43ba1bd906e568ffa96f03a79e3266c1
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 11:48:16 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 04-Sep-2022 11:48:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
8 KB 192ms
191ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7379b0327b637898a97bc22a1ea1746947c906147156aa8b549e5428e9705c25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"1e9f-nMpE/pAfFrK48wiCPSrXoXyNHTY"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7839
x-amz-cf-id: sxdZ7GCO7Kpya3-DW5bREY8a0HI4RMFubKLnSChEDTYqvH_iqHCiOw==

GET
H2 200 6763027e2c00476b2a3d1f57dd3aed1a Show response
e377.thestar.com/plugin/plugin/ 192 KB
42 KB 8ms
7ms Script
text/javascript 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/plugin/6763027e2c00476b2a3d1f57dd3aed1a

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

5d4ca800aa61299f4261503816bc917550000f3122004e2bc1917fe46a06c948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 921941
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42270
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Aug 2022 19:42:35 GMT
server: -
etag: 6763027e2c00476b2a3d1f57dd3aed1a
content-type: text/javascript; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-P5
x-robots-tag: noindex, nofollow
x-amz-cf-id: RsK8-kc0mVvRsLzZL1uwHsJOn0ovXkfpZsi2ql0GkJwYVSxE7GAmlA==
expires: Thu, 24 Aug 2023 19:42:35 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
7 KB 190ms
189ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4d1c7cb65dbc93bf67b4dc57ef803c0a97fb874f22d8631456769e8455663da1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"1c16-3g+WHLOVxxAgUiTY4coMQmiTfk0"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7190
x-amz-cf-id: PEf-N2xKLH1uEIXdr39zg_o0pRep6-Nw4ytyluZgSho6X9-eT-Fkbw==

GET
H2 200 default Show response
www.thestar.com/api/overlaydatarule/ 72 KB
13 KB 7ms
7ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/default

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3408d4edeee4822928f0578b10d7f8dcc5174ee68daf38c8ab14989de45315be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:13 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age: 123
x-powered-by: Express
etag: W/"1214a-wcxBsnvhIWCxPuMyxOZQZS+sP34"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: jnDezXTsf20EEWkWIbgbZAgLp3DdRZcSU7ehHQ0l18u59wopPwjA9w==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 71 KB
13 KB 8ms
8ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e357676c07631dfb0599a7b98a39d8465cccabcbf00c6dddf5708153a2f6113e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:46:13 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
age: 123
x-powered-by: Express
etag: W/"11a39-cDQKpQAa76OkWAi55whbDHYSNsg"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: f-se8O5jMuj-0xTEstKZ6eq9AbN2V4cyoSQzYuiJpqZ_AlkXcNkz6Q==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

GET
H2 200 mdc.textfield.min.js Show response
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 8ms
7ms Script
text/javascript 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 01:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 5740065
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jun 2022 01:20:31 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-P5
x-robots-tag: noindex, nofollow
x-amz-cf-id: KZCmBo10_kPSq-keI19-FTP4qskL5uZUCwCXxG-S3-tXeAP65FR9rg==
expires: Fri, 30 Jun 2023 01:20:31 GMT

GET
H2 200 137ba0a3e420ae94e99622242e142dc7 Show response
e377.thestar.com/plugin/library/ 267 KB
87 KB 13ms
8ms Script
text/javascript 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/library/137ba0a3e420ae94e99622242e142dc7

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

3c96559ea2342f9ba868e360c2b29d1cfabc350de16ba0c4ea4bc389a7b19564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 01:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 2197754
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 87965
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Aug 2022 01:19:02 GMT
server: -
etag: 137ba0a3e420ae94e99622242e142dc7
content-type: text/javascript; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-P5
x-robots-tag: noindex, nofollow
x-amz-cf-id: ufkeZEd473Cvwsu6Zqvlb4sMb1G1Xpq3A_SogHb3pMgJrVl816jPtg==
expires: Thu, 10 Aug 2023 01:19:02 GMT

POST
H2 200 LB-Zone-2 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/160/ 3 KB
2 KB 381ms
378ms XHR
application/json 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/160/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=3c0de16a-7376-4c77-aaf6-8a02bcce16b9&overruleReferrer=&time=2022-09-04T11%3A48%3A16%2B00%3A00&ts=1662292096654

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

b2583e40473328ed25875cf3c9524ead407038e175d95711b6191747fca019b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 931
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: oCI32MIXO_9VTH9nNzs0ccwgcsQzWqe2PO_MrTNx2cdk24eDtd3eug==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
6 KB 192ms
190ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

402e1d3f36ce9e5139c8dc4a88e17a18959c8cd631ca3ad0edaf34710c6cafcd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"15cf-BhJApcs2msm+M7i/vdQvQlTdZ5o"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5583
x-amz-cf-id: DEq-E8_BmO0KXTAd5RzwMXyufwIOR72h_DozDzeQyhQ0B96mf0DXcA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
9 KB 193ms
192ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6b433a5ddecbb778a6df4dd59274a52edee392196bb3b818a53a353dcb4a6e16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"242b-L6BBFv6Cz7gDjpbSgeCVVaWprRw"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 9259
x-amz-cf-id: Z8mlwvjZw4VE1-_ah2NSUN6R4LDudkZ1K8dlGI9492YSwYh7rYNVgg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 108ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 107ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
7 KB 189ms
189ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

13976acfda323b810d865e513cb2fe92712651dee5764796477f884f5e4162a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"1bba-RW8qf5GYJyyAF2tGyIbhc0xtC1M"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7098
x-amz-cf-id: s2k37E9frVC5l47Eq2Tbo9hav-qMGloAUXtxF6Qwfpq3wX8Y_eYwlQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
5 KB 190ms
190ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

13e3b1b25f435a4269d929a2a134ded6274db3d7056d9a785b5f72dff0bc174b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"10db-lOWxD9qrjNWQ++LPF9zIH6/c0vw"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 4315
x-amz-cf-id: RFozGFJngqmy0rPcOANdRHQKPoaGgN75lWau23uaOrTmC6kD69D6Uw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
9 KB 192ms
191ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

387321d2c82b1a781be8bbd650b0f35e2f18b4daa2c884151e7750b8eab8acd2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"2183-HbWVK1BDBQpO1Dyxo7mEfuIWp8Q"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 8579
x-amz-cf-id: UW9U5qmxoZMTvz3mDcJDoCVn0t1LmSRJLsmTmt2-_w9OnGYfe4AIiw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 192ms
192ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ec74eead4a8c63b7575dd8df05d188d14bb00a8d6d170acfb289bd92955de981

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"f23-SI8Vqv7t95ogRIC5BTUDTDt/s+U"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3875
x-amz-cf-id: 2OzyKakycAVkRfeDz0hEnbDU852crBanWrkK6gtkyv1vMezWa1AoBQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 366 KB
63 KB 742ms
725ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=248698664553534&correlator=3572238561117524&eid=31069289%2C31069312&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600%2C134x170%2C134x170%2C134x170%2C134x170&ifi=1&adks=2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798%2C3893840799%2C1330620276%2C2480448003%2C4090677273%2C4090677272%2C4090677279&sfv=1-0-38&fsapi=false&prev_scp=pos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26polarAdDisplayType%3Dwith_column_image%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26tkspo%3D1%26env%3Dbeta%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&sc=1&cookie_enabled=1&abxe=1&dt=1662292096769&lmt=1662292096&dlt=1662292095158&idt=1279&adxs=0%2C436%2C1059%2C436%2C436%2C436%2C436%2C245%2C244%2C528%2C812%2C1096&adys=0%2C0%2C1007%2C3479%2C4988%2C6251%2C7625%2C1804%2C4111%2C4111%2C4111%2C4111&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=1600x0%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&msz=1x-1%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&fws=0%2C0%2C512%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=740898286.1662292096&ga_sid=1662292097&ga_hid=1609319305&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17e6c1055ddc6dc36a23422eef4be4aa11a2a1597e87f8677d67a6d88ac3f648

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJPzy8-I-_kCFU68ewodA5AH-g&gqi=&layout=/sadbundle/%24csp%253Der3%24/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJPzy8-I-_kCFU68ewodA5AH-g&gqi=&layout=/sadbundle/%24csp%253Der3%24/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: -2,-1,-1,-1,-1,-1,-1,-1,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64464
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1,-1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Sun, 04 Sep 2022 11:48:17 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA0D 6 KB
4 KB 104ms
17ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Mon, 04 Sep 2023 11:48:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 28ms
28ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:16 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 64ms
23ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 11:48:16 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 119 B
606 B 380ms
342ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e103dff15f2122dfc90f33ad66d6a139f0d6c0e451673775ca6f26ef735f2d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:17 GMT
ETag: W/"77-U1KutO7QY+Olipj1PzfpG1ijm0A"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 119
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 793ms
165ms XHR
application/json 52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1662292096849

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2a335fc9aa6797b6be42069274eb77745c6a0e6ea2919f4c69c68d9f53ea0a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v038-04381ac5b.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: mE+RBRfOR9o=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 325
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/beb0538ef1fd/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 153ms
152ms Script
text/javascript 52.84.106.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/beb0538ef1fd/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.106.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-106-80.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:32:37 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 11:32:10 GMT
server: AmazonS3
age: 939
etag: W/"d860c16ac938f7d839f0ec158d02d0f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dq1Cxite3KHFUIrwYOWJwweXPHqCSeb0
via: 1.1 9d638ed0e686bb5bd14bf9c73c1b0134.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
content-type: text/javascript
x-amz-cf-id: NK8DFdLoZWP6VlXGRntNCnIz6Csw89s4ayYkHAhu0H9_HoS8RPoLaQ==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/beb0538ef1fd/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 152ms
152ms Script
text/javascript 52.84.106.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/beb0538ef1fd/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.106.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-106-80.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:32:37 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 11:32:10 GMT
server: AmazonS3
age: 939
etag: W/"2d1382c349d480b6b41574ac0c1af066"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: tHzHlsSE_kToQusN8sxzMnmIbShA6SNR
via: 1.1 9d638ed0e686bb5bd14bf9c73c1b0134.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
content-type: text/javascript
x-amz-cf-id: Ch5WoKf7DGbYwlyhAXbtneWXo0_YBT62dTD9x16uL0MV8uUV6rDoJw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
406 B 103ms
102ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: 6I6wOXHVyBuUeDxLkdm8a2X4Xl6voQ1mfDUmkC58GYFLeHw5Pl5x2A==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 844 B
1 KB 102ms
102ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

2a42dcfaa6b31c7c936094fc84779c6441247f57ba168c251379f17519274dfa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"34c-h/H7SsIPojIqIDLXOXpfQ/Tl9MY"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 844
x-amz-cf-id: HG078KnnshPogabYhlyPwRSXAPMjVe-UgzRPhgWKSJRgs0f_ZdSlUA==

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 21ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 11:48:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 11:48:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 11:48:16 GMT

GET
H2 404 TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/ 0
0 135ms
135ms Font
text/html 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:16 GMT
content-encoding: gzip
etag: W/"13455-iFIjRJA1mI72ZgN16IPfisWxuO8"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: MrdlLfQq7j3vJu3TugH1rd2uCsQYD0uZ3WF1KUI8uppa2WaJZccyng==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
931 B 194ms
193ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

ad14263f0802e2cac15658631058a22614641a804bd07a1cc9d10e116678512e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
etag: W/"6ab-nYZHnVM7JdoP/Vewx0eS6mTIhcA"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: g0K2vdcTIT_jKNb3Mm78UMF42fi_GZWHHRWA5rGv44GCizIc_t3OeA==
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 192ms
192ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3e44f029288d633086ee3f34b9eca0fa1e8fd916278cee819217cce063c5bad3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"356-o+gBzNWJentcRPfO3IvUWyxWCKc"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: 2LCNGOz8B5NUZ1ZToxJ4aQkTGbszzxRAJdM91CyhchOU7Z0ypiQocA==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 54ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d606f5c6d91571453fe46555ca16c70b14d0aacdc20d4ba3d9456336512f0721

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
via: 1.1 google

GET
H2 200 109 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
1 KB 258ms
43ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/109

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

f3518016507a066cb22078bf8c16c8e589b9c55bf839e1cb113f17ada8ced939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"8a14ff0ed890f284e9d354046259812eeaba6e2a"
xip: 168.119.68.126
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-feeds-narlgiqb
grace: none
content-length: 801
x-feeds-fv: feeds-prod-vie1-var-se
last-modified: Sun, 04 Sep 2022 11:43:18 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1024370863 1023848652, 366930702 370018635
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web04
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:18 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 110ms
109ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

758f586db681fe7c927cb285ebb9b01fc438bf7de884afb16a3f9fb5a01bb26c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"6b5-CRKfg3x7b7tz9Hmc6fH6qdkKKL8"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1717
x-amz-cf-id: 5twj9BpgyzM1LI-fnur084e5e3IakpgkvdAcwg26QF47ti__5pTUfA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
405 B 99ms
99ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: oaa-opK_HuVpakHPSKbjsU72Z8UE5aARBUKKu4iK6kXGqxMfJSPHCw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 100ms
99ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

76ce36e0baa7eebd6238bb9e947d276db680757e40b45efe9aa85e495f4c42b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"6dd-EsPW9NQzpZjEaVxnjBzMUo2rOWc"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1757
x-amz-cf-id: MInaME434TRRfS1ytsI09fYq4uDZ4hYaeGAnuYthDK08_-ul5douRw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 189ms
189ms XHR
application/json 108.138.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=bdf22cd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-25.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a63dab84d0bc5b01bb84a251046a59913915f39fda63762763ede363734ae385

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
etag: W/"6a6-ER7xXJnAZAjtNvlXMzf/nYP8PHM"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1702
x-amz-cf-id: HYqQeHmQe6_rwUAt57AAx9ntrOorCJFItOAMwS-nC1bf9u7CQuezZA==

GET
H2 200 20220902220916-6312b9ae1362a83652ba5fe2jpeg.jpg
images.thestar.com/_PJYSHMe0X6dnCj02IinzX5VHcY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2022/09/03/50000-reward-for-information-on-abducted-memp... 24 KB
24 KB 9ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/_PJYSHMe0X6dnCj02IinzX5VHcY=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/us/2022/09/03/50000-reward-for-information-on-abducted-memphis-jogger/20220902220916-6312b9ae1362a83652ba5fe2jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e01661597829485f9c7de7f8fb27c0d9002652119af7fca21b9e75221283c2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 22:04:27 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 49429
etag: "19a75672b55f5548d559ffe5d56b6722255dcc54"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 24598
x-amz-cf-id: 75Yq-_EmNxXOgzsA58ay6iX6igyVKvOVK56tXV3iAGcIA_eUhV6hUg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 35 KB
35 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 10:05:07 GMT
x-content-type-options: nosniff
age: 265390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35520
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:03:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 10:05:07 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 124ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2096&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=28&jsfv=nbc&ts=1662292096994&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=2095&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F09%2F03%2F50k-reward-for-information-on-abducted-memphis-jogger.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Feurope%2F2022%2F09%2F04%2Fsurvivor-of-holocaust-munich-attack-heads-back-to-germany.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F09%2F03%2Fgop-escalates-fight-against-citizen-led-ballot-initiatives.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F09%2F03%2Fman-dies-in-shootout-with-milwaukee-police-bystander-hurt.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F09%2F03%2Fdesantis-seeks-dismissal-of-suit-by-suspended-prosecutor.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F09%2F03%2Fpolice-plane-circling-mississippi-city-threatens-to-crash.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 114ms
109ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2153&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=71&jsfv=nbc&ts=1662292097052&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=2153&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2Fanalysis%2F2022%2F09%2F01%2Fwhat-canadas-new-covid-vaccines-say-about-the-future-of-the-virus-and-our-fight-against-it.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F02%2Fcanada-developing-path-to-permanent-residency-for-undocumented-workers.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F03%2Frcmp-say-man-dead-following-report-of-stabbing-outside-banff-alta-bar.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F04%2Fhamilton-police-find-missing-three-year-old-dead-at-conservation-area.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F03%2Fbeautiful-one-of-a-kind-cities-are-under-water-floods-in-pakistan-worry-canadians.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F03%2Fmodified-racing-vehicle-crash-on-calgary-streets-kills-driver.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F03%2Fneed-a-little-space-a-hobbit-hole-in-vancouver-throws-open-its-round-doors.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 toaster_v3.css
e377.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/ 1 KB
1017 B 8ms
7ms Stylesheet
text/css 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/toaster_v3.css

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/plugin/plugin/6763027e2c00476b2a3d1f57dd3aed1a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 19 May 2022 12:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 9328202
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Wed, 18 May 2022 12:38:15 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA56-P5
x-robots-tag: noindex, nofollow
x-amz-cf-id: iPKJ0PFYmSqhIKgUHWGDOmZYVc0sql0qEGQKSxo4MpjIP-zdpMZr2g==
expires: Fri, 19 May 2023 12:38:15 GMT

POST
H2 200 160 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 7 KB
3 KB 386ms
386ms XHR
application/json 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/160?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=3c0de16a-7376-4c77-aaf6-8a02bcce16b9&bctempid=&overruleReferrer=&time=2022-09-04T11%3A48%3A17%2B00%3A00&ts=1662292097097

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

49f99bcb097bf1b8fe1e43f5d9ee3bce21cb353b234ee7d893509b0059afc96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2459
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: VAGZrnTtxCz8BSzi-xKVrloMCpm2zvHHE_keXD9yr0d6A2A5QyGVUg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 160 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 375ms
373ms XHR
application/json 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

2854d460da2fc54844a7ab7d28562a568c4ab184da9e0a2796687d46dd2f8a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 175
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: QviUDY4IKJzBanjyqiQD_hpaodFo8Dlbe6Hrglz3l9AOtorO9AQx1A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 110ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2191&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=73&jsfv=nbc&ts=1662292097089&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButton_NonSubs_Subscribe_Q322_Aug25ColourTest&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 111ms
109ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2192&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=75&jsfv=nbc&ts=1662292097091&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q122_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 112ms
110ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2194&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=76&jsfv=nbc&ts=1662292097093&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Control&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 160 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 375ms
374ms XHR
application/json 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

a3c411b7a7a3c1e8ee1be37d2ee5dd7a133f310b7cca70f095f6cdf8f6a62b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 166
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: iBZRY56s9RvfixyWctDJ69Sl8vrm7fWc0fLZ9g0s5D5wjGbUxxMU1g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
859 B 97ms
97ms Script
text/javascript 52.54.133.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=3c0de16a-7376-4c77-aaf6-8a02bcce16b9&&callback=bc_json162

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.133.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-133-158.compute-1.amazonaws.com

Software

- /

Resource Hash

43a09ff877437befc4a1e5edef50bb9bf932fe87747b668abea564be93812767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 85
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 108ms
107ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2258&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=77&jsfv=nbc&ts=1662292097157&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=2257&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftravel%2F2022%2F09%2F02%2Fcruising-in-ontario-i-hit-the-great-lakes-aboard-a-new-ship-full-of-high-tech-toys-in-the-water-including-yellow-submarines-named-after-the-beatles.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftogether%2Fremembrance%2F2022%2F09%2F04%2Fremembering-beloved-high-school-gym-teacher-joan-atwood.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F09%2F03%2Fmarisa-won-me-over-but-she-wouldnt-wait-for-me-while-i-focused-on-my-career-dating-diaries.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 109ms
109ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2266&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=80&jsfv=nbc&ts=1662292097164&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=2266&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F09%2F03%2Fdoug-fords-tories-condemned-the-attack-on-chrystia-freeland-where-were-they-when-kathleen-wynne-was-the-target.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F09%2F02%2Fjustin-trudeau-is-losing-support-attacking-pierre-poilievre-wont-fix-it.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2022%2F09%2F03%2Fpolice-investigation-puts-fighter-pilot-call-sign-meetings-under-microscope.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2022%2F09%2F03%2Fconservative-leadership-hopeful-leslyn-lewis-doesnt-care-what-you-say-about-her.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2022%2F09%2F02%2Fkenney-defends-alberta-lieutenant-governor-attacks-cockamamie-sovereignty-bill.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F09%2F02%2Fthis-secret-document-claims-to-chart-the-conservatives-path-to-victory.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20220830150812-ec9d82ef8e58e2c559386c3c2ddf2617e7b49a6db9ebc588f84f44b7a90860c2.jpg
images.thestar.com/KL6awKcPa-jCvGBKKWnQ6L9Zs0k=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/advice/2022/09/01/in-a-common-law-relationsh... 4 KB
4 KB 11ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/KL6awKcPa-jCvGBKKWnQ6L9Zs0k=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/advice/2022/09/01/in-a-common-law-relationship-heres-what-it-could-mean-for-your-money/20220830150812-ec9d82ef8e58e2c559386c3c2ddf2617e7b49a6db9ebc588f84f44b7a90860c2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0e1b478e52cdc1b31ce61b18c70ba1d76ed07070eae1f9fc3a507fe41fce58bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 20:26:25 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 228112
etag: "2dcbb29768d19248f57add6b74c9a10f546b6304"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 4216
x-amz-cf-id: yqG4EpKXS0vEPMOOHe98Gz3peGLeknI1pFRodoIGFik8vfYMIoYq6g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bichette.jpg
images.thestar.com/khIqvrFPquoUKdlE95-roDZGHho=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/2022/09/03/blue-jays-have-turned-the-page-and-the-sept... 3 KB
3 KB 11ms
9ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/khIqvrFPquoUKdlE95-roDZGHho=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/2022/09/03/blue-jays-have-turned-the-page-and-the-september-script-is-about-to-get-interesting/bichette.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aee15f0614398dfe537cb2f284df655ec7b650698375faff9420a6b57c32a159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 03:17:04 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 30673
etag: "2cc056790ea62d0ef4c9c55e2e87796769e16291"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 3214
x-amz-cf-id: NRaKql5Gv56jR4Ql8HrKMZ2PoeFke3lBQahIXHGwcjmQ4q_2m9-_oA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 michael_de_adder_conservative_decisions.jpg
images.thestar.com/FXPSeeKR8N72cx5E2lhrTFH0kks=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/editorial_cartoon/2022/09/02/michael-de-adder-conservative-dec... 5 KB
6 KB 11ms
9ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/FXPSeeKR8N72cx5E2lhrTFH0kks=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/editorial_cartoon/2022/09/02/michael-de-adder-conservative-decisions/michael_de_adder_conservative_decisions.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f445f009a57be3c4eae6c66e4f50a78666caa7e48b71988585b021299aabf688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:34:02 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 173655
etag: "abf438105c87af185f9da5b931644dccb9490b06"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 5618
x-amz-cf-id: LqQpCiuEAAmgPmLUQ1eqgc9LfK_BYuVUisrQhH_rCjNgIxP0E2UPyQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phil_mickelson.jpg
images.thestar.com/-GwgBOMgdaCwUSIJMie72rqVyuY=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/golf/opinion/2022/08/26/face-it-phil-mickelson-was... 2 KB
2 KB 11ms
10ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/-GwgBOMgdaCwUSIJMie72rqVyuY=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/golf/opinion/2022/08/26/face-it-phil-mickelson-was-right-and-now-the-pga-tour-colleagues-he-left-behind-are-reaping-the-rewards/phil_mickelson.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0130bc9b09a5e5f0976180e8f6f531d5dcc88216af2bbefc6d5c933439903f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 15:17:46 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 678631
etag: "eea5d395f99d929db3adecd34c3ee66be328c7f6"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 2180
x-amz-cf-id: Gvg1M57FZMeCM_QIH2iFtwy7_PUkEJ1k8XtYLO0oue2P53J4zMss1g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donald_trump5.jpg
images.thestar.com/NOIn5Ij6q4DOkI5tKgyqUbyvmGE=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/contributors/2022/09/02/donald-trump-is-mobilizin... 4 KB
4 KB 11ms
10ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/NOIn5Ij6q4DOkI5tKgyqUbyvmGE=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/contributors/2022/09/02/donald-trump-is-mobilizing-his-mob-once-again-the-threat-goes-to-the-core-of-american-democracy/donald_trump5.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 54b77d403d92fca3c840fb5bec18709106f1162a227f062f26d29c976bb90c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 14:23:37 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 163480
etag: "0efc54e967f8178fd356948d30fe72d17a309285"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 3922
x-amz-cf-id: nigzE2xEW-onbuImk7E2nuOIOZoWA5DVt2yqgecWrrbt3ksF5s8Tvw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 109ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2286&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=83&jsfv=nbc&ts=1662292097185&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=2285&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F09%2F04%2Fhamilton-police-find-missing-three-year-old-dead-at-conservation-area.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2Fadvice%2F2022%2F09%2F01%2Fin-a-common-law-relationship-heres-what-it-could-mean-for-your-money.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2F2022%2F09%2F03%2Fblue-jays-have-turned-the-page-and-the-september-script-is-about-to-get-interesting.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Feditorial_cartoon%2F2022%2F09%2F02%2Fmichael-de-adder-conservative-decisions.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fgolf%2Fopinion%2F2022%2F08%2F26%2Fface-it-phil-mickelson-was-right-and-now-the-pga-tour-colleagues-he-left-behind-are-reaping-the-rewards.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fcontributors%2F2022%2F09%2F02%2Fdonald-trump-is-mobilizing-his-mob-once-again-the-threat-goes-to-the-core-of-american-democracy.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 donald_trump5.jpg
images.thestar.com/FzacdaoTBBq96krBCQ5wRPO6cHo=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/contributors/2022/09/02/donald-trump-is-mobilizin... 36 KB
36 KB 9ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/FzacdaoTBBq96krBCQ5wRPO6cHo=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/opinion/contributors/2022/09/02/donald-trump-is-mobilizing-his-mob-once-again-the-threat-goes-to-the-core-of-american-democracy/donald_trump5.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2fba34e0e39306b20cb77ed10b3104addc0afa08f1d8c32c5f6ebabd27baf6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 14:30:11 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 163086
etag: "26b78112640f3e71101df6b1a110e18409d1cb94"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 36864
x-amz-cf-id: VRln9WozoxwXRsxW4WFAhSPwvEOGVragvzja3jKF2ibvDZXtIs5qrQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bichette.jpg
images.thestar.com/4TtWvNQqAcRqL0AHjfw03XeO5Xc=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/2022/09/03/blue-jays-have-turned-the-page-and-the-sept... 39 KB
39 KB 8ms
8ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/4TtWvNQqAcRqL0AHjfw03XeO5Xc=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/bluejays/2022/09/03/blue-jays-have-turned-the-page-and-the-september-script-is-about-to-get-interesting/bichette.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 61df68afe8b06249527f0189457292b07c2962e2617b898c13bfafbfd6f1268f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 02:49:39 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 32318
etag: "91d363c400ab3af2350f61c65c076da8cd22cc7f"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 40036
x-amz-cf-id: H5i5TuYiyMj15Pm5w9LDCt14SK1RuMTgM_khMXfYtvJhPRzQoZTDdw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 108ms
107ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2307&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=85&jsfv=nbc&ts=1662292097205&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=2306&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2F2022%2F09%2F03%2Fblue-jays-have-turned-the-page-and-the-september-script-is-about-to-get-interesting.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsports-betting%2F2022%2F09%2F03%2Ftop-mlb-prop-picks-september-3-expect-pete-alonso-to-torment-patrick-corbin.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftennis%2F2022%2F09%2F03%2Ffrench-tennis-player-accuses-former-coach-of-sexual-assault.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fauto-racing%2F2022%2F09%2F03%2Ff1-heads-debate-super-license-system-and-exemption-for-herta.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fboxing-mma%2F2022%2F09%2F03%2Fandy-ruiz-faces-luis-ortiz-on-road-back-to-heavyweight-title.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fgolf%2F2022%2F09%2F03%2Fgooch-has-1-shot-lead-over-niemann-in-liv-golf-boston-event.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fncaa%2F2022%2F09%2F04%2Frogers-throws-for-5-tds-mississippi-st-knocks-off-memphis.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fhockey%2F2022%2F09%2F03%2Fus-routs-czechs-to-reach-final-of-womens-hockey-worlds.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20220830150812-ec9d82ef8e58e2c559386c3c2ddf2617e7b49a6db9ebc588f84f44b7a90860c2.jpg
images.thestar.com/7ahz9vB4ZgpA_jN7Xi-zcTlNyGQ=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/advice/2022/09/01/in-a-common-law-relationsh... 10 KB
11 KB 15ms
14ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/7ahz9vB4ZgpA_jN7Xi-zcTlNyGQ=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/personal_finance/advice/2022/09/01/in-a-common-law-relationship-heres-what-it-could-mean-for-your-money/20220830150812-ec9d82ef8e58e2c559386c3c2ddf2617e7b49a6db9ebc588f84f44b7a90860c2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6e8be22f27eae7f18cbe4dc31e273b0892eeaef3c78451a65d5d8a4a87f3aa64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 14:07:23 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 250854
etag: "27ebc05048e00d0bf98b49007aa9f23c05a0f645"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 10660
x-amz-cf-id: jToMcU9bokoxkVJ8vAO9OnmkzgMH2wkssI-KuldApIv_5vyY2__iuQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220901160916-6311137a4232242d5c506c1ajpeg.jpg
images.thestar.com/JxYpyGRVrBCL3o09lWGJfUntN5M=/0x0:1229x819/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/02/boc-expected-to-raise-interest-rate-f... 71 KB
72 KB 14ms
13ms Image
image/webp 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/JxYpyGRVrBCL3o09lWGJfUntN5M=/0x0:1229x819/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/09/02/boc-expected-to-raise-interest-rate-for-fifth-time-at-pivotal-moment-for-economy/20220901160916-6311137a4232242d5c506c1ajpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7550f04cb53b002d7d7fd42b5c70684ea11a049953027d11c2ddadec2b847604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 19:15:11 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 145986
etag: "aafcbde70ce0b8c4ca1a2bbfa39ad033e4e14cdc"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P4
content-length: 72808
x-amz-cf-id: Vd3S39XGHXMHIREh8oqISxZiLqa9fEv-fqaCfFfQ4_pn2HWAmTGgzQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 109ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2315&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=90&jsfv=nbc&ts=1662292097214&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=2315&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2Fadvice%2F2022%2F09%2F01%2Fin-a-common-law-relationship-heres-what-it-could-mean-for-your-money.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F09%2F02%2Fboc-expected-to-raise-interest-rate-for-fifth-time-at-pivotal-moment-for-economy.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fopinion%2F2022%2F09%2F03%2Fwhen-it-comes-to-fighting-inflation-trudeaus-place-is-on-the-sidelines.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F09%2F02%2Flifting-five-day-quarantine-will-worsen-labour-shortage-advocates-say.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 108ms
108ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=conversion_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2330&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=93&jsfv=nbc&ts=1662292097229&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20NBanner_FirstUpNewsletter_Q322_ABtest6&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/ 35 B
49 B 177ms
177ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/6a9b9485-4510-45cb-aec6-4bd9a0075bc6/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2339&blst=657&ist=1256&iet=1259&bdst=657&bdet=923&bcttt=94&jsfv=nbc&ts=1662292097237&jsk=q9fqmmutk5a97trs&jsv=20220826&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=6a9b9485-4510-45cb-aec6-4bd9a0075bc6&sid=81844303-12d0-4333-880a-caefa2fec9dd&pvid=72b93000-0c4e-401c-c51d-27f3221d8f4a&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F105.0.5195.52+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=2338&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2022%2F09%2F02%2Fjohn-harwood-exits-cnn-amid-changes-at-the-news-channel.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fcasino%2F2022%2F09%2F02%2Fhow-to-play-baccarat-rules-odds-and-strategy.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2Fopinion%2F2022%2F09%2F02%2Fnow-that-its-september-here-are-the-40-plus-books-were-most-looking-forward-to-curling-up-with-this-fall.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:17 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 88607 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 38ms
38ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/88607

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

acbe017db1419b4aba9729d71cf625f62901ed8ca6a1f8c2a269d5d6bbe09330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"983430451c76c1e2f0754a41ba1be3a534e77222"
xip: 168.119.68.126
x-srv: fishnet-prod-feedsbackvar06
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-prod-zrh5-web5
grace: none
content-length: 707
x-feeds-fv: feeds-prod-vie1-var-ik
last-modified: Sun, 04 Sep 2022 11:38:50 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1042715617 1041245339, 325783050 323696891
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web_extra3
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 12:38:50 GMT

GET
H2 200 88607 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 5 MB
448 KB 209ms
209ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/88607

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

b2837bdc24f1b153483fbf450da8a713f8f214c628978713f6706a2a73d38b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"efc1f288a4abbe4468b81697ec259c38b00cff73"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-feeds-hfhmiray
grace: none
content-length: 456991
x-feeds-fv: feeds-prod-vie1-var-ik
last-modified: Sun, 04 Sep 2022 11:48:06 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1062956540 9970795, 327190222
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web06
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:26 GMT

GET
H2 200 803 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 82ms
82ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/803

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

a61109cc1eaec8a777a18f35512493fbd26868e251f651f859edad96fe1def68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"a83e3107edbcffeb0a5db6e4423a888f398b1c8a"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-prod-zrh4-web2
grace: none
content-length: 594
x-feeds-fv: feeds-prod-vie1-var-kp
last-modified: Sun, 04 Sep 2022 11:47:33 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1008113828 1008733751, 327426509
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web2
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:52:33 GMT

GET
H2 200 89265 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 4 KB
2 KB 114ms
113ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/89265

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

82107a9494aa8b0b6fee15ccbd0de36a13122d34f2e62da157b2577ab7650ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"5a0ebb4ab66ea512eecc77b9c7689a032d8f578d"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-feeds-cwsitukj
grace: none
content-length: 1666
x-feeds-fv: feeds-prod-vie1-var-qs
last-modified: Sun, 04 Sep 2022 11:47:59 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 40171250 36958811, 392991159
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web14
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:19 GMT

POST
H2 200 160 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 378ms
377ms XHR
application/json 18.66.112.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-94.fra56.r.cloudfront.net

Software

- /

Resource Hash

d5c524a5b826288140ca0d15f9e08571c024db9e65bc2ae25c1667d8117b6592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 150
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: syC15kO_Mcpwnw7To8d-NkHNHv2ZN5Yjf-9f2Q9JNtFJ4_n0pDhMqg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 container.html Show response
6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66D7 6 KB
3 KB 25ms
10ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:48:16 GMT
expires: Mon, 04 Sep 2023 11:48:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 4B85 221 KB
61 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 4B85 14 KB
5 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 4B85 94 KB
28 KB 74ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 4B85 5 KB
2 KB 75ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 4B85 40 KB
13 KB 75ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:26 GMT

GET
DATA 200
OK truncated
/ Frame 4B85 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91911884ef71a41c95e1a3cedd7f5d284ecf8299f4beabb2a02fc646b399ac6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 842865223649244099
tpc.googlesyndication.com/simgad/ Frame 4B85 114 KB
114 KB 35ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/842865223649244099?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkrqH3Fzi2KxwAZpoAD7ooVrRg2w

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 02:52:20 GMT
x-content-type-options: nosniff
age: 32157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116488
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 08:08:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Sep 2023 02:52:20 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B85 2 KB
3 KB 51ms
25ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:03:14 GMT
x-content-type-options: nosniff
server: cafe
age: 60303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 04 Sep 2022 19:03:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B85 295 B
757 B 33ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:52:08 GMT
x-content-type-options: nosniff
server: cafe
age: 68169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Sep 2022 16:52:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4B85 0
0 40ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0y7Q8GcZEB6s5b7wFQZSxbr8Kb2pWKU7TprIPKidI2_02v9IKLWXRz9XEe8Ce-6XXJDvF
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4B85 0
0 53ms
53ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg-dogJAUY5SzN8747gODoJ7QD6rozphsneKW87cQ29keEAEgx-v2HmCVgoCAlAegAfL7098DyAECqQLWhheQFrOwPuACAKgDAcgDCKoEmgJP0Pw1Y26o_y39YGlNMtFgbtygtFE7qavMAGj-IbdSjAp0TVOp6BtXxI63uVmQ58mFQDx5B5FmYQvdzvvdCzybmzQC7SNSw9j7V61NMjlrx1brnlAawr1-sV8P6llR3uDdNU44KSy-x88DWb76j2oJZESSGUa9TxYT80o93NdE92kq7vsaXuCAKApVMV6qLLyvs0yHDhih14Q3knZIrqSvRws0qFZYgznHyNSQiJ8IYH2kITgqNRctVbMFEkTioCjZuiTZOvB1oPug7v6tJv1iT_nitlBEwMTSSBy26z9J5ya1WsJhYjVq7zSnxUP0RLFciHg9-gKQ3km8F2gdrl53cD9aC4i3vrL8KnpAHdupr8UeoELUdiHJdgzABM27paOfA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfZ5bImqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuecw0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=hfis40uvFNs&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 47F8 221 KB
60 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 47F8 14 KB
5 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 47F8 94 KB
28 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 47F8 5 KB
2 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 47F8 40 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 439311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 09:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 09:46:26 GMT

GET
H2 200 842865223649244099
tpc.googlesyndication.com/simgad/ Frame 47F8 114 KB
114 KB 35ms
24ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/842865223649244099?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkrqH3Fzi2KxwAZpoAD7ooVrRg2w

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 02:52:20 GMT
x-content-type-options: nosniff
age: 32157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116488
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 08:08:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Sep 2023 02:52:20 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 47F8 2 KB
3 KB 41ms
29ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:03:14 GMT
x-content-type-options: nosniff
server: cafe
age: 60303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 04 Sep 2022 19:03:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 47F8 295 B
353 B 10ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:52:08 GMT
x-content-type-options: nosniff
server: cafe
age: 68169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Sep 2022 16:52:08 GMT

GET
DATA 200
OK truncated
/ Frame 47F8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61f33093d24bba823c69475516ffbfa6a8e1fcdb75e8b8fe9a834b451b1dd892

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 47F8 0
0 17ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLrZkz4020F6Q4m0tzmyNQvFqfKhRPt06iX1OX9KDPm2Q_rC_y0yzmhI4Il1jL_lsr_CxJ
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 47F8 0
0 52ms
52ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfjyWgJAUY5mzN8747gODoJ7QD6rozphsneKW87cQ29keEAEgx-v2HmCVgoCAlAegAfL7098DyAECqQLWhheQFrOwPuACAKgDAcgDCKoEmgJP0JjquSd8qChiYRpprso_pM16cpOslTqGNHYAk-GkfTo9sn-rHzUe1Qtai6IqpBhcYZw4tdiJX8ohlihT8TI7jWZwoIpXiOsG5vrfUj6VBwDifOt6W1iiz_jV3KWdi15XkfQRvBPtBW4lWL0dPddx_1KlEREW_LcykWnm9NumbfOpWJq1UpkHu7ccm4gQCL9Z2LrQ9H56jvS44SnHAXfTeyzQgFxvHhgozlb9IQihXFqlv2gy2xNr89ux4f67cEwweHRcJ1M65VJF2bS517lV1xO8DheBdw01wjO7DpjsbkL9M_5Fb9rchxmvTJPjDArigrjvdit6GtW_3Qr9RrzfZWC5bXu0BnpOkobaUqBWBwGeXhLBlqyBNoLABM27paOfA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfZ5bImqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnM820ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=mx1G7JjsWXc&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame D64F 7 KB
3 KB 689ms
161ms Document
text/html 34.250.104.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.104.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v038-0ee6e918f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: r2dQIuRVT+M=
content-encoding: gzip
date: Sun, 4 Sep 2022 11:48:18 GMT
last-modified: Wed, 3 Aug 2022 12:12:42 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
458 B 514ms
143ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=07356376588759910112187728713008766505&ts=1662292097681

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

eb84db4c2565186cef80088d20398ca44929cf3850d26531a6aa458f83a335de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YxSQgQAAAL2ITANx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=07364879597786424092184627093328757795
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxSQgQAAAL2ITANx

42 B
942 B

221ms
220ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxSQgQAAAL2ITANx

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-04381ac5b.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dEekTTD7QSY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxSQgQAAAL2ITANx
Date: Sun, 04 Sep 2022 11:48:17 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 3630.png
img.sportradar.com/ls/crest/medium/ 3 KB
3 KB 208ms
18ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3630.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1e9adc9c68dd132eae2f6c782675472a40b4b4afdc7bbcdacb705ea32a5257a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 20 Aug 2020 11:16:27 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5f3e5b8b-c73"
x-varnish: 901503629 901868608
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:17 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 3187
server: nginx
expires: Mon, 05 Sep 2022 11:48:17 GMT

GET
H2 200 3640.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 208ms
19ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3640.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5d207ae453abd771aa41b682c8257249ba80b6c7c1da16250ef8245876b2733a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-16e0"
x-varnish: 207804319 205655059
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:17 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5856
server: nginx
expires: Mon, 05 Sep 2022 11:48:17 GMT

GET
H2 200 3655.png
img.sportradar.com/ls/crest/medium/ 7 KB
8 KB 209ms
19ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3655.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

dcd2f3dfe198ba8123b9492c6c744b5a9b2242b77245b44b9e7b4d71a6f5daf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1db7"
x-varnish: 890167521 888473856
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:17 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7607
server: nginx
expires: Mon, 05 Sep 2022 11:48:17 GMT

GET
H2 200 5929.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 223ms
34ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/5929.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2bab4838bdc40d3ce9ae46731062166b1c45ce88d1acdaa4388e9e86dc4a980e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:56 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1c0-163d"
x-varnish: 217955058 216395703
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:17 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5693
server: nginx
expires: Mon, 05 Sep 2022 11:48:17 GMT

GET
H2 200 3636.png
img.sportradar.com/ls/crest/medium/ 3 KB
3 KB 224ms
35ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3636.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

21dc94de8ca20e368666b6c5606943d973571caaeefb3cf1fd3bf0893104864f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 07 Sep 2021 09:26:46 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "61373056-b28"
x-varnish: 895785100 894374235
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:17 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 2856
server: nginx
expires: Mon, 05 Sep 2022 11:48:17 GMT

GET
H2 200 3638.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 224ms
36ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3638.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9fa668bc91560b5f4ff86183dc8734e151322c54162e6ea1afce3cdc7feddc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-13de"
x-varnish: 901054561 900800659
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:17 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5086
server: nginx
expires: Mon, 05 Sep 2022 11:48:17 GMT

GET
H2 200 3642.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 89ms
86ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3642.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9f402d0f96fa4024deaf63dcbab0bbfbc51921eefd8cd9eea67b54bd393d86bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1440"
x-varnish: 39479378 38306693
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5184
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3637.png
img.sportradar.com/ls/crest/medium/ 2 KB
2 KB 89ms
87ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3637.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3c8f5a28f3850a6c109b5d6819c495834663f93c080a395293b3c7965bca2588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 07 Sep 2021 09:26:46 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "61373056-659"
x-varnish: 900714969 899143481
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 1625
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3628.png
img.sportradar.com/ls/crest/medium/ 5 KB
6 KB 91ms
88ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3628.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b3892cb532fac8548332664edea788199d24c87dd08eb11faae0a114e1997533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1565"
x-varnish: 901303271 899672326
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5477
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3633.png
img.sportradar.com/ls/crest/medium/ 3 KB
3 KB 91ms
89ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3633.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

55e7a733a5100f5c0f1b5de1001f44c8426c84d24c87bae50632fdcbd260d9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 24 Feb 2021 18:17:40 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "60369844-c1c"
x-varnish: 899017820 900062520
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 3100
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3639.png
img.sportradar.com/ls/crest/medium/ 4 KB
5 KB 92ms
90ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3639.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3bb22221479628c1faaf6625645be4ee3d901aa9b437d73e4ff7d5afd9ee520b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 24 Feb 2021 18:17:40 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "60369844-111e"
x-varnish: 218089749 214558015
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4382
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3656.png
img.sportradar.com/ls/crest/medium/ 4 KB
4 KB 93ms
91ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3656.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2215bb15fea1147a5293db87e8715aba8f272094761c38b7b7e5df4feb4705d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Wed, 24 Feb 2021 18:17:40 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "60369844-f72"
x-varnish: 893189474 892681459
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 3954
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3645.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 93ms
91ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3645.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bcb0d0f41e1a65c68d4f188ef9b0d0889a685404295db5fe6701dca244d96028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1664"
x-varnish: 215433832 215550216
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5732
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3652.png
img.sportradar.com/ls/crest/medium/ 8 KB
8 KB 96ms
93ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3652.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4a491800f46208d25bbe1aac6891312d2a3a311b8029608455663c28813ab71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1f5f"
x-varnish: 896002048 896241596
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 8031
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3647.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 97ms
95ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3647.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f444c368e1ae645a93527a7d863b399cab816de3d41baf74f1d2929360f3a6c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-14ca"
x-varnish: 900248940 898074013
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5322
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3646.png
img.sportradar.com/ls/crest/medium/ 5 KB
6 KB 97ms
95ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3646.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

645676ea1399d174daac15f1c8c5b3ae0c67f823df7f25d7b7ead8c87ea1e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1538"
x-varnish: 900455173 900970013
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5432
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 5930.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 105ms
103ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/5930.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1e56da4973cf8139c9e45438e1f3eac999faf1a172c90410f28c2144548b920c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:56 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1c0-1b79"
x-varnish: 211156820 211365073
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7033
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3629.png
img.sportradar.com/ls/crest/medium/ 2 KB
3 KB 105ms
103ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3629.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c938700b88d45c96b5f526a373fd6b50e89c60dd4fd10aa8c0f4ea32385a4c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 07 Sep 2021 09:26:46 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "61373056-965"
x-varnish: 896926800 896458380
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 2405
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3654.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 106ms
104ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3654.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

01e90c6a7dbb612a7d3212f41dc4b154a8ba29f3763da1ac48cddccfbccbb120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1b42"
x-varnish: 214404243 211675040
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6978
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3653.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 108ms
106ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3653.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b0cdddbfd12f54aebc9dffbe56d608ee9c7206a7681608df12fa748c5503424f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1970"
x-varnish: 209741780 210606451
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6512
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3651.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 110ms
107ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3651.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d1022afca9b12e87328bb0653b0522c7fea801fef4a5cce22e849e0fcd15212b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1704"
x-varnish: 216305682 215555958
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5892
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3648.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 110ms
108ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3648.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d2ad04cc0b0849cdaa64d3357cddccb18da4a39fd1c61db0ff12489c82c9675e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-18e4"
x-varnish: 407487914 407051575
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6372
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3649.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 112ms
110ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3649.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c09192d027335014bed830fa6edd4b552a0e86914cfc99187957e08f9c5870a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1bd6"
x-varnish: 208333985 192100134
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7126
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3644.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 114ms
112ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3644.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3bfaaf5a4d2cb74bffc59beed2bdcf3c3c790ebfe696aabbfd18b3fd37fbacd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-16a3"
x-varnish: 900593405 900686781
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 5795
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3627.png
img.sportradar.com/ls/crest/medium/ 8 KB
8 KB 115ms
113ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3627.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

65ec2f00e5bf9c08f07c1279809473c098de91fc90fbe27295ac9a81785b449f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1e75"
x-varnish: 897738570 897997559
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 7797
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3632.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 116ms
114ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3632.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a5fea65b08369a50e412677fa378552b11cc62715f2059a726c5e714e300f294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-17cb"
x-varnish: 208173305 208002607
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6091
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3641.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 116ms
114ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3641.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

be8683d0fa45438975b0440a9f3dc246d5d4ae1050872eb96b58222645aae05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "5dd2a1b8-1895"
x-varnish: 211691786 210274486
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6293
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3650.png
img.sportradar.com/ls/crest/medium/ 3 KB
3 KB 117ms
115ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3650.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

281b0bba9f73ba5fd398270735d8bc0548e9723c99500878911269284bea27e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 12 Apr 2022 08:48:07 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "62553cc7-b03"
x-varnish: 214121320 212940727
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 2819
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3635.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 117ms
116ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3635.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fd9a291245240c2834419887caed3639c771d8f8554c9efe89f2c5f5942dec10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1410"
x-varnish: 900325900 883218837
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5136
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H2 200 3634.png
img.sportradar.com/ls/crest/medium/ 3 KB
3 KB 118ms
116ms Image
image/png 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3634.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a462263c8a2fb0f4771b6bb72ee694b4464bdc972335539bdbc9e17e7aa3be8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 07 Sep 2021 09:26:46 GMT
x-srv: fishnet-prod-logos-fvauto-0b8b23750c8725432
etag: "61373056-a4a"
x-varnish: 216378398 214255588
cache-control: max-age=86400
date: Sun, 04 Sep 2022 11:48:18 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 2634
server: nginx
expires: Mon, 05 Sep 2022 11:48:18 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/ Frame 0235 10 KB
3 KB 27ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e073cf26f3d82f4816a5a6b38801e590a33c4c8ad8044cc9d7ebd37b6eabaae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 465927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2655
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 02:22:50 GMT
expires: Wed, 30 Aug 2023 02:22:50 GMT
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 66D7 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgQwcgJAUY5OzN8747gODoJ7QD_qP_pJsjYz-gJ8QvbGJw8AuEAEgx-v2HmCVgoCAlAegAc7Dsv4DyAEJqQLWhheQFrOwPuACAKgDAcgDSKoEngJP0BwR4HiAf0in1W1cd4RTH_27WRG71QMtmdE58jqOSdRGRBOQfS4GY9BbuJmT04AoUF6wHznXqWq3uQYJjL6orphdIn-WbSM3yIKk7EVAD1iDI3TUrIv46eprHwuEaWapgKlzAzqHJLBOYOKnP0W2AQOyjdNmE6BYGBmMrR1wuI-s1m8rAJVY9fVlkKL8aAf_fRARRnt4yayxosoygbW6YJal61ZPL8L-PZ8pfsLafXZ-s6yWwO7LivP8mNkoZWhXN7Z-ku0Lzczt8wps9eXTSd-RlO8-427oMPifXHXJqeZGur1mKUK3EV_eVo96GxJg5Wlo4A-wnMeBjTV0-y2fvfKI7Tebbu4E6_4RULWOp6EiliED6ZDb-4-7Ct5BwAThntr4gwTgBAGgBi6AB5q8zQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCU8A7SCBIIiOGAcBABGB0yA-uCAToCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=OoVKt4QgwQs&uach_m=[UACH]&template_id=419
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 66D7 23 KB
9 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 11:14:04 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
159 B 17ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 1b2975b22f4eb0ddf44cb97ca51b0b70941245f7739dd6c0048e4ed21e57a273

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
via: 1.1 google

GET
H2 200 30773923 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/ 3 KB
2 KB 96ms
95ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/30773923

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

83cd03f1404dc8925efad4dc603ca021f0ffd8989789fd9c92bd8e8efd566dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"b3ea2a80ab21801a9755af3d4f64e7dbeaf255fb"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-feeds-iyofnzoo
grace: none
content-length: 1320
x-feeds-fv: feeds-prod-vie1-var-kn
last-modified: Sun, 04 Sep 2022 11:48:17 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 6245775, 371282176 371774081
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=29
xyolo
access-control-max-age: 10800
x-sbe: feeds_web15
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:47 GMT

GET
H2 200 30772901 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/ 3 KB
2 KB 106ms
106ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/30772901

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

b4cb8f7415bc55687aa54f93449c4257d0f6f72ac321ad7936f5d234d0451fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"4e3ff01741412a3eaed192cb9c5d34242c356ef6"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar06
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-feeds-narlgiqb
grace: none
content-length: 1317
x-feeds-fv: feeds-prod-vie1-var-ci
last-modified: Sun, 04 Sep 2022 11:48:17 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1034711108 1037719145, 311345449
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=29
xyolo
access-control-max-age: 10800
x-sbe: feeds_web04
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:47 GMT

GET
H2 200 30773849 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/ 3 KB
2 KB 108ms
108ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/30773849

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

a181ccf5f0fc2dae01044934d8e64bd638289afe1299f9d6dc03685685b055b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"79d37fe7af08a9e832a33c403317e71ac15bba7c"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-prod-zrh4-web5
grace: none
content-length: 1273
x-feeds-fv: feeds-prod-vie1-var-lc.vie1.sportradar.ag
last-modified: Sun, 04 Sep 2022 11:48:03 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1006935766 1002651156, 655418723
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=29
xyolo
access-control-max-age: 10800
x-sbe: feeds_web_extra1
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:33 GMT

GET
H2 200 30773419 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/ 2 KB
2 KB 106ms
106ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_get/30773419

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

abd5e6d169cc4392bbdf93e9122bda009e6be08e12b963285103ea308c3603ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"6a8c8171bff501b8f216d55fcf2aa0f873670cf9"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar04
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-feeds-cwsitukj
grace: none
content-length: 1063
x-feeds-fv: feeds-prod-vie1-var-lp
last-modified: Sun, 04 Sep 2022 11:47:56 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 486691244 487637508, 654244435
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=29
xyolo
access-control-max-age: 10800
x-sbe: feeds_web14
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:26 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4B85
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

23ms
22ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

date: Sun, 04 Sep 2022 11:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 47F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

35ms
35ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

date: Sun, 04 Sep 2022 11:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0235 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Sep 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0235 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Sep 2022 04:14:04 GMT

GET
H3 200 img-bg-0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 72 KB
72 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-bg-0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

663679bdd35df75aca06e52a2c8f97b2a580f9640c1f2ca50bc3a385c3dcbb47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73480
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-bg-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 17 KB
17 KB 31ms
28ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-bg-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8933b2a983b476d3d98650c2f6e4027b6be6de298ed5fadc8420658a972d29d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17833
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 tf-0-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 3 KB
3 KB 17ms
15ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/tf-0-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6e604803e7caf1d840778dad7d901e3127c52e197ff9da8b4f96ebd5a61f18f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3410
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 tf-1-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 2 KB
2 KB 34ms
29ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/tf-1-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a0502637cfaf9a94bdb41c7d04a5db8f66e66bd75960a91796117bebb14791

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2188
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 tf-2-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 4 KB
4 KB 33ms
28ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/tf-2-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7390c143fb117e2e8ba657c53c338b8901d466c14b6ade0a136d70ed046a6ea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3972
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-hashtag.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 2 KB
2 KB 32ms
27ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-hashtag.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0cb7a84bf231beb42be41189676f3af575bcb048e330694a47d71e34c4c306

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2398
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-stoerer-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 4 KB
4 KB 35ms
30ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-stoerer-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b321ec8412a7f5f088ae9c776e4720083084fdbf532e08747585c65dfa37e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4162
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 3 KB
3 KB 31ms
26ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48306e9081077ef3dbd91297bacbe423ed479cbd284fba7e7952ea35a50bb30

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3279
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-overlay-white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 2 KB
2 KB 34ms
29ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-overlay-white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2cf3c28b4ca6850e001ad4db41d69f195854dd6b76e53be9b79280e2955d37

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2437
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-logo-end.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 4 KB
4 KB 35ms
30ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-logo-end.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1e737642103fc85b4df4c2c792f03541a20ff20e22253653d5e577a3ea9c1f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4271
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 img-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 2 KB
2 KB 35ms
30ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/img-cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2708bda4c13c3e0df7ebcc3fced7e1e47df5d74695d908412cd69abeeb4739f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1777
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 99 B
133 B 36ms
31ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/gfx_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a56256abd37201dd165bd8c1f26aecdcc5997a43b2e99c5db802c1c3ffd1c2eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:22:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:22:17 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0235 57 KB
23 KB 290ms
18ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 11:48:18 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/ Frame 0235 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/assets/TKUT_v1.1.1.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5137690378682250279/VAI-DE-WarumWarten_Marco_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 457175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:21:42 GMT
server: sffe
date: Tue, 30 Aug 2022 04:48:42 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 04:48:42 GMT

GET
H3 200 842865223649244099
tpc.googlesyndication.com/simgad/ Frame 4B85 114 KB
114 KB 9ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/842865223649244099?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkrqH3Fzi2KxwAZpoAD7ooVrRg2w

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 02:52:20 GMT
x-content-type-options: nosniff
age: 32157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116488
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 08:08:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Sep 2023 02:52:20 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B85 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:03:14 GMT
x-content-type-options: nosniff
server: cafe
age: 60303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 04 Sep 2022 19:03:14 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B85 295 B
319 B 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:52:08 GMT
x-content-type-options: nosniff
server: cafe
age: 68169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Sep 2022 16:52:08 GMT

GET
H3 200 842865223649244099
tpc.googlesyndication.com/simgad/ Frame 47F8 114 KB
114 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/842865223649244099?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkrqH3Fzi2KxwAZpoAD7ooVrRg2w

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 02:52:20 GMT
x-content-type-options: nosniff
age: 32157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116488
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 08:08:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Sep 2023 02:52:20 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 47F8 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:03:14 GMT
x-content-type-options: nosniff
server: cafe
age: 60303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 04 Sep 2022 19:03:14 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 47F8 295 B
319 B 14ms
14ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:52:08 GMT
x-content-type-options: nosniff
server: cafe
age: 68169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 04 Sep 2022 16:52:08 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 67E7 143 B
426 B 31ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 11:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 66D7 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 11:40:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 66D7 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 11:26:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 66D7 0
0 16ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNZqbxZQHGFZjcPA6jLYtrLR3MyDCnsrDQYWC0nXsBLXTlIq9lGux6wFFQjd163b5hcD2T
Requested by: Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66D7 142 KB
44 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 11:48:17 GMT

GET
DATA 200
OK truncated
/ Frame 66D7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6965b063365b7d76270b61387b09479aaab77cc053203bd51df5e2ef02fdc33e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 67E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
27ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
URL: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:48:18 GMT
expires: Sun, 04 Sep 2022 11:48:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0235 36 KB
16 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 19:48:02 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 121ms
121ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 99ms
21ms Image
image/gif 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1662292096197&de=802892918404&rx=253901059049&m=0&ar=5aeef158bee-clean&iw=f00003e&q=1&cb=0&cu=1662292096197&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&it=500&pe=1%3A641%3A1658%3A0%3A658&fs=200157&na=1721249994&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 04 Sep 2022 11:48:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 71ms
56ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07a8b0b9eafb94e4d8fc24b3c32e3597b531d86214e32bf5b4d5545a4e0fd321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11047
x-xss-protection: 0

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 42ms
7ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
server: snooserv
etag: "95212d33cfff78ad59f5af5b20c48c53"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges: bytes
content-encoding: gzip
content-length: 7722

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 84ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 825FEEBCF7934AD387E801E224075CC8 Ref B: FRA31EDGE0614 Ref C: 2022-09-04T11:48:18Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 04 Sep 2022 11:48:17 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 112ms
30ms Script
application/x-javascript 2a02:26f0:10e::6860:5baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5baa Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=84980
accept-ranges: bytes
content-length: 3063

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 28ms
27ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kjyo7100160-IAD, cache-vie6356-VIE

GET
H2 200 B24540798.279406836;sz=1x2;ord=22514552016 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 33 KB
13 KB 98ms
41ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=22514552016?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

b6822bed641569c43bfec8b8dfe6eb85331f92dbb03f6961696d0b76045d17c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
37 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

824f133794403571fb011fb9936dd0e966ce3e4f37dab05013bf68a8b3954caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37943
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Sep 2022 11:48:18 GMT

GET
H2 200 30773419 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_pbp_delta/ 2 KB
2 KB 90ms
90ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_pbp_delta/30773419

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

31591cb3e64ed60a085e3f3b7463f3687b4ab598954434debf83e5c979d4c99e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"ec240f05806579ad82f1075436bf08e820a4d005"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-prod-zrh5-web5
grace: none
content-length: 919
x-feeds-fv: feeds-prod-vie1-var-il
last-modified: Sun, 04 Sep 2022 11:48:17 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:18 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1006087224 1007298281, 685175200 683954418
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3
xyolo
access-control-max-age: 10800
x-sbe: feeds_web_extra3
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:20 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 135ms
106ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1662292098445&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=cfa2ed1e-3ba5-4e3a-a98e-db62d7a11e28&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069312

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 11:48:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFE6 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 08:21:29 GMT
expires: Mon, 04 Sep 2023 08:21:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E8F 783 B
537 B 21ms
21ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4695b539491b854c3019555c8554981d6ab0d0770cf000e69b0709bf0a9e05d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JOVMBk5CSwJP9BQs5QT3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-JOVMBk5CSwJP9BQs5QT3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:48:18 GMT
expires: Sun, 04 Sep 2022 11:48:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 1 KB
863 B 309ms
309ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

40a4bef03ad952669a9b9157ab2e93617cd0907aa99487a6096805779920f63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A86AE1FA8C4D45AB87A95676F258558D Ref B: FRA31EDGE0614 Ref C: 2022-09-04T11:48:18Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Sun, 04 Sep 2022 11:48:18 GMT
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
176 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=edaad437-b151-400c-9a58-b7a9ca13796e&sid=77f154702c4711ed9b07cf706a1def1d&vid=77f196f02c4711ed9662e7505ac098f2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=3492&evt=pageLoad&sv=1&rn=698725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F401548283CD48B882091868298618C3 Ref B: FRA31EDGE0614 Ref C: 2022-09-04T11:48:18Z
date: Sun, 04 Sep 2022 11:48:17 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5DhgB2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-r9Uxai45ex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-mw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1662292096197&de=802892918404&rx=253901059049&cu=1662292096197&m=2191&ar=5aeef158bee-clean&iw=f00003e&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=10802&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A641%3A1658%3A0%3A658&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=1564323268&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 04 Sep 2022 11:48:18 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame FFE6 36 KB
16 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 19:48:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ 8 KB
3 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=22514552016?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 11:45:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
575 B 78ms
42ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbzU9inhC4vbRUb51GYIX6ieHyb6T0Jid9q2OVIkjKj3tcx37KMScqKeJQiaxwDBhb0MfSxrS2Iwfz7nueA3sWiNzs7xiAjuBPVSvk3dfACCjWZPLfdOwqWXloW-_AaE4ei5kPeBdbc2X895keGx9ZEUSvCvcHxA&sig=Cg0ArKJSzDzOPctJfhY5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220831.22843&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=22514552016?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 11:48:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1662292098512%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQLfhWAyVFcqXgAAAYMIVH837ytXrWx73pjvfJNR1fC2...

0
267 B

163ms
109ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQLfhWAyVFcqXgAAAYMIVH837ytXrWx73pjvfJNR1fC2p5V88oBRDdTYqCFwE3w4uSvztX9phwxwzn4C7mDGB6ZKG48PUA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9B41E62AB1464F33BABBF913BDBD1BC1 Ref B: DUS30EDGE0414 Ref C: 2022-09-04T11:48:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXn2IoTRi+MHS0VK913AA==
x-li-fabric: prod-lva1

Redirect headers

date: Sun, 04 Sep 2022 11:48:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DC647760B21D4B0EA9781B5A975B54E3 Ref B: FRAEDGE1410 Ref C: 2022-09-04T11:48:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1662292098512&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQLfhWAyVFcqXgAAAYMIVH837ytXrWx73pjvfJNR1fC2p5V88oBRDdTYqCFwE3w4uSvztX9phwxwzn4C7mDGB6ZKG48PUA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXn2IoQw5BwypeMvqZxUA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E8F 0
0 45ms
42ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083101&jk=248698664553534&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FFE6 0
12 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?h9Xs7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 13008914 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 380ms
193ms Script
application/x-javascript 2620:1ec:27::cafe:1834
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/13008914
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 667927dbcdb28399c2f52d000f01705a87910e9b4fd8b652dec5f38d3b967b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
x-powered-by: ASP.NET
x-azure-ref: 0g5AUYwAAAADpla+imhluT6SEDmoWhFDfVExWMzBFREdFMDIxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66D7 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTk1p-rihNDBSyvJzFfSLd5dOBoizWK1yw_0k5596hzQ40sJCwEjR8n-YJjb-FC3h9iyshPdoyIiwKKjpGXOuNiE-HuVc3a7gP0AKHmLlEllgLY0WjCDehsxdAYdHjPwkkyrImTSPuDVJsYGdsnB6uq4e_n4LVjunQUx2gNbo65CsCeB8afHTBn6OLzLQFUkhY82UsVXZfGJp94cjoyqJXPg7YzUvj06svrm2CCbkEYaIsFFEWicUAvpLiW2NqkQD8wD512K6HoK3WDW5Xu9Rab-OQaQgiAsHZCE_5HjrtxI4TDPz-8poTZ1_odXxwgwDnrvT8U2lFvYso3mTPujO2BMojeIKrcpDvYnKAEI_y0YVB8ypR4w7QJIEwBuzquXzp4WwhmhQFSe0gzc-pXGAJWAtuziTQI9FB5I-JhbCKzKTU429aFdrca1lQot-bKju_ni-G8tFBQ3oW1NRcUD4eY2tfJ67Dm7ewfCnVTkif1FpZdFPcQD1iwUKTkw_ZOdS8E5X1ehUnbKAOGrN8L6sXqvJfmmQPzQGFcTyUiY_5HErMacDv37t-5oaT6Gf_-KPyVeHhgsZCLJ8zOhfwiNk-CqUTD8hGc72Pgwf4MeZolnKlhWkbKH_pkB2iBCff6ykWTPVYbF6BWNw3GxhpxrQUt9iVSo9nCdTH2lcE83SY8fhIwPnOfSFB4dT4FgaIU_jRoSCCZvNAdHegZAPGIyUAkfdtoBDtNyBnJnQ4jC4Jcl0IGY6Dt0ETIsxcat_QOxDE6T2x9Nm8VGpqRq81d7887wxkbHpQOHrhDKY5mWoP_B0x0mXCJnLU1IXKPW814drnkHVEF9SBhL35ECJPBP0QWDh_kDqwjtAWC0TfIlWwmawa-QtK5vFLM16sCmHWpuGoyfUvZmKbwfuwgw_zDlHXZJPbAwoepzx8oFOXw3t5GS4-SgM2cRuGll0i6oA1PSnM2gP-eGwZHFtUHKJSVu5K_5lgvxNGNlUppdHMaWoDOZMVly6xkXAM_ONJPwLcLbfofgX1FjSPg6FEZ4sIkAJYYhKs3cczqfS9ID2P1LKFnkwK2UCVvM1wdGMPWNXOg949v20plzi4jmF8kOeLcTufiUwKXzk9QfIkmMrZHmUBfWN1U-PVpmjK&sai=AMfl-YTuBrAXkvIBpaXBDLtI-jwAYiViFoGFKUMXlZeR3dkBnL9jq9AjkQxcPkb-nJfqK2O1mJKveGtycrj8HVFJArkdUaq17F-rHpLBGq-Gs0cAJQVcfL6cfjxPQDwBfnrvSipRAfjVBNhwYWkdwg&sig=Cg0ArKJSzKUkhNq4oN0KEAE&cid=CAASUORoPcN_-fSdvUOjLpaz5dp8xeDriy7e-bz8_msEjdmrIYZOoAhp6zW4FDUkKAHpVpotUfVSJLj5B1gGUvEz4IsUhRkguU50wlVsqlaia5cR&id=lidar2&mcvt=1000&p=10,436,100,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1887631228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662292097577&rpt=456&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083101&jk=248698664553534&bg=!zc6lzorNAAZTikH4c4o7ACkAdvg8Wm4NlhbN7DSuvngB8MJQaeDFsLURRz_-v1wy0nH-Pf5QzXXyRgIAAABEUgAAAAJoAQcKALQyilnAilZnBehvA8TfeSUjFf4KHC6_XTzYDCxoMDIRLne6XyYvbRHz13LLXlyQwilZ0VbSYgxG4JYKtiVA0irixBYEm7wAiskejZ3gmGZbJT8eqgwAlFY0d5BNN7virBlUyncXYwuBiOcKGzohHQTnwiawakH5RtJxuVXpDYKJeGsV5esJa77NIe1gyKACgL1bXpcLwJ4lgbzMcrivnLPIcRdjLwGHgIQLofgRFS8Re6McgsqZApzUwkQuwcmuoTuXZnd57AoRf4zFH9PXBDAi7yB5tShtWY9FQq3Gvb32OPigbWtD0yt5VnJz0NTq7ubFXV6Wrh8v0UuM-poJgK3DQTRqzKV_oeMD9c4P3XvJ-TlNRa0rAMi6t368bjykOylI6BvsrEphOOIchHuKmrDBQay9E9UHWUYrJSGX_yy9o8KBRSbCdbR-sCGgDMCJSuLWESmpvZzEXhrgQVB8B8G4DEsL8raQI1_nMavT8asKr2GsxHHMEIEaGbEBoNv8C9I1NHlpdlaP1FrPXgRBpB2BLSBWUHdnEh9wq86FMgsJNQWku1NqKu6eH_2cFOgzKq1UuZzZKWLbd76HC5Cq5ppFHvjljLkmpRYDhr9HP2xaCeY4oC26Ai9ld9yuFMMDcrqFMizfaWySj3yEz2o7TX6o1G22oHUZ4S4qhGfcjCQ-oJlAcuQaJ0sOF4LaaayTY085WTSp8IMY66MH1rIFNgUrpQi7uCsmW0j5JMdUSsBX-I5leGTnUG95XzWhpz7qskCxWEkO5NHr0PG_jbu0_g35DL4eWnepQmc-od0I-ztaM6Ij-Uk24Em4HC2KLQucwMANlx2R7ye8-lGOAwNYgwnDwpq9Kw3BjDvoE_yxWeWn2YL4qFnEpd2eRl2SFY3pdmL0fNYZKQ2X7KazVhU-ZGPVDdTOdTMKqj68Qb0lT5btfMlDGyRCXJATcEfBzhWeal7nxR_KpkpJySA0VIZGFZYmwD4cNcTKIwbgaImkzH_9MszB8Ar4R_PRdatkA4Kd24VzKxGnSj7-4b5a5Dd3W5eIVX4lwB4yjnIMgPV3dzbRb7Wql0zymCds6QaulzU1ZsH8sxbF2BLwMlzx7MwkE9ro6IWzHp44MAhqmFcxzaq9_3mi0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.40/ 54 KB
23 KB 196ms
195ms Script
application/javascript 2620:1ec:27::cafe:1834
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/13008914
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:18 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0g5AUYwAAAABnyt6PJpdSQaxbggi7p8RFVExWMzBFREdFMDIxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=08E7966D7BD34F2F9E700EB9982267F8&RedC=c.clarity.ms&MXFR=045BBC2C4BB56C6E16BCAE394FB5623D
https://c.clarity.ms/c.gif?CtsSyncId=08E7966D7BD34F2F9E700EB9982267F8&MUID=07084A94B5B06BF41F8A5881B43B6A0B

42 B
368 B

31ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=08E7966D7BD34F2F9E700EB9982267F8&MUID=07084A94B5B06BF41F8A5881B43B6A0B
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:18 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64D5FB86F03747919367DECA8E2B7913 Ref B: FRA31EDGE0614 Ref C: 2022-09-04T11:48:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=08E7966D7BD34F2F9E700EB9982267F8&MUID=07084A94B5B06BF41F8A5881B43B6A0B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
e.clarity.ms/ 0
175 B 325ms
96ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Sun, 04 Sep 2022 11:48:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 17ms
16ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 488e65dcfb781a5de3625f8ebc0b52e0edc6860105701494417e5eb361f127a7

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:19 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
via: 1.1 google

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 1161 12 KB
12 KB 34ms
34ms Document
text/html 34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=dbe6307f-f3e8-4ae7-86a4-34341647eac3&publisherId=TKN100000001&siteId=4204204311&cb=1662292096870&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 11885
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 11:48:19 GMT
expires: 0
last-modified: Sun, 04 Sep 2022 05:43:34 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 1161 4 KB
4 KB 34ms
34ms XHR
text/plain 34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=dbe6307f-f3e8-4ae7-86a4-34341647eac3&publisherId=TKN100000001&siteId=4204204311&cb=1662292096870&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5ad7e00d96814f5afdb233d96b593141672a5adf440d6bc3354b8ada323a6cf

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=dbe6307f-f3e8-4ae7-86a4-34341647eac3&publisherId=TKN100000001&siteId=4204204311&cb=1662292096870&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:19 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1161 70 B
265 B 102ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2206665441545970819

0
358 B

36ms
36ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2206665441545970819
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=2206665441545970819
date: Sun, 04 Sep 2022 11:48:20 GMT
content-length: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%26us_privacy%3Dpbs-ozone&gdpr=0&gdpr_consent=&s=1...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYxSQhCq01BaeIKRGhdnWdgAA%265177

0
358 B

34ms
33ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYxSQhCq01BaeIKRGhdnWdgAA%265177
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjxKojdjuMbgrT76JJGQcx0usBtTlYwqlzSAkEC1XVwrho1UFmDB9h86wremj9WBX1y2Jf6%2BALwML7BuBPIRliBxgRMDFKzsSADX1tBe%2Br8ITvTxD%2FoPA3XlvRORyN0Biw9ncFaY"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=&us_privacy=pbs-ozoneYxSQhCq01BaeIKRGhdnWdgAA%265177
cache-control: no-cache
cf-ray: 74567edc4ec35c9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 1161 43 B
360 B 63ms
8ms Image
image/gif 3.120.43.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r={{.RedirectURL}}https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.43.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-43-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:20 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae31332d-abc3-4d5f-8519-807a1b92dd47

0
485 B

34ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae31332d-abc3-4d5f-8519-807a1b92dd47
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=ae31332d-abc3-4d5f-8519-807a1b92dd47
Date: Sun, 04 Sep 2022 11:48:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET 101995
dmx.districtm.io/s/v1/img/s/ Frame 1161 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=4699&wr=4698&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5DhgB2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-r9Uxai45ex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-mw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=10802&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=10802&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1662292096197&de=802892918404&rx=253901059049&cu=1662292096197&m=4700&ar=5aeef158bee-clean&iw=f00003e&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A641%3A1658%3A3493%3A658&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2403&cd=0&ah=2403&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=807241196&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 04 Sep 2022 11:48:20 GMT

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 1161 0
35 B 106ms
8ms Image
text/plain 18.196.120.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.120.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-120-249.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 1161 43 B
350 B 89ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:20 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 83mh9gcvbbigads0voei8ib80koql6e3

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=9cb3f82a-52fb-41d8-9ffd-1df22811f4d3

0
617 B

34ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=9cb3f82a-52fb-41d8-9ffd-1df22811f4d3
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=9cb3f82a-52fb-41d8-9ffd-1df22811f4d3
date: Sun, 04 Sep 2022 11:48:21 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H3 200 metrics Show response
api.permutive.com/v2.0/internal/ 2 B
37 B 17ms
17ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/internal/metrics?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
content-encoding: gzip
server: Permutive
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 1161 0
277 B 87ms
18ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 11:48:21 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1725 15 KB
6 KB 314ms
18ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=dbe6307f-f3e8-4ae7-86a4-34341647eac3&publisherId=TKN100000001&siteId=4204204311&cb=1662292096870&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=44779
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 11:48:21 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 05 Sep 2022 00:14:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1725 2 KB
3 KB 81ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17558952&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: bf2533b1a5b6c3ca6c30d82d4b5c65f31ecaaa1648c8205bce974a7a942d997c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:20 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame F1B8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B

35 B
477 B

19ms
18ms

Document
image/gif

37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 04 Sep 2022 11:48:21 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 04 Sep 2022 11:48:21 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=92964E5D-80D0-4F36-BE50-384D54DA8B0B
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2B03
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=79769047038600253

0
74 B

29ms
19ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=79769047038600253
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 11:48:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=79769047038600253
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 114D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b6d06314-9086-4100-88d0-6dca3a0ab3e3&gdpr=0&gdpr_consent=

0
74 B

13ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b6d06314-9086-4100-88d0-6dca3a0ab3e3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 11:48:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 04 Sep 2022 11:48:22 GMT
Expires: Sun, 04 Sep 2022 11:48:21 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4505 5b23575 master nrt-pixel-x19 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b6d06314-9086-4100-88d0-6dca3a0ab3e3&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 01D8 43 B
363 B 59ms
18ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:48:21 GMT
expires: Sun, 04 Sep 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 772578
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1725
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kpZOXYDQTza-UDhNVNqLCw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

21ms
20ms

Image
text/html

2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=44779
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Mon, 05 Sep 2022 00:14:40 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1725
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=08e06314-9086-4200-87f5-140c36ce2fe3

0
179 B

133ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=08e06314-9086-4200-87f5-140c36ce2fe3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 04 Sep 2022 11:48:22 GMT
Server: MT3 4505 5b23575 master nrt-pixel-x16 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=08e06314-9086-4200-87f5-140c36ce2fe3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 04 Sep 2022 11:48:21 GMT

GET
H/1.1

200
OK

pixel
ps.eyeota.net/ Frame 1725
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=92964E5D-80D0-4F36-BE50-384D54DA8B0B
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=33bc7a0973d1629bd34ec76e6b93e064&gdpr=1
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e7ed60410134c528/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=e7ed60410134c528/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent}
https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgi...
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=13d2ef7e50744eb3

0
344 B

59ms
8ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=13d2ef7e50744eb3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 11:48:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=13d2ef7e50744eb3
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1725
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTI5NjRFNUQtODBEMC00RjM2LUJFNTAtMzg0RDU0REE4QjBC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
74 B

73ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1725
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFk3ITqjkygOcVbQHfVbdIQ&google_cver=1

0
74 B

72ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFk3ITqjkygOcVbQHfVbdIQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFk3ITqjkygOcVbQHfVbdIQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 1725 43 B
610 B 101ms
23ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 03 Sep 2022 11:48:21 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1725
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8292620037477096203

0
225 B

164ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8292620037477096203
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 22:02:25 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8292620037477096203
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1725 70 B
264 B 40ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1725
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489228004284970727&gdpr=0&gdpr_consent=

0
74 B

105ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489228004284970727&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:21 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b1d1b9fd-21e4-45d4-a51a-12de72e08985
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489228004284970727&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1725
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y4HjUWyC6lB40bMHZYP_Um2GsV14iuIHY4ssLwdb

0
225 B

93ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y4HjUWyC6lB40bMHZYP_Um2GsV14iuIHY4ssLwdb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:21 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y4HjUWyC6lB40bMHZYP_Um2GsV14iuIHY4ssLwdb
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 28ms
28ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:21 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 22ms
22ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 11:48:21 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5DhgB2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-r9Uxai45ex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-mw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=11&mc=0&lb=10802&ld=1200&lc=0&la=0&cw=1600&cx=1200&sh=10802&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1662292096197&de=802892918404&rx=253901059049&cu=1662292096197&m=5701&ar=5aeef158bee-clean&iw=f00003e&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A641%3A1658%3A3493%3A658&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3404&cd=2403&ah=3404&am=2403&xd=00&rf=0&re=0&wb=1&ai=4699&wr=4698&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=1538781798&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 04 Sep 2022 11:48:21 GMT

GET
H2 200 30773419 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_pbp_delta/ 2 KB
2 KB 78ms
78ms XHR
application/json 2a02:26f0:f700:4::212:4f23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/graph/match_pbp_delta/30773419

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f23 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/8.0.20

Resource Hash

39ee66967679f7a2f2028d997fc5729ade77f8f04cba4c6e33d875b78601213d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"7a3e652257b6912c44732f1606f957d2d8ffb7d4"
xip: 2a02:6ea0:c71b:0:1012:9df0:ced8:2229
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
x-feeds-web: fishnet-prod-zrh5-web3
grace: none
content-length: 918
x-feeds-fv: feeds-prod-vie1-var-ci
last-modified: Sun, 04 Sep 2022 11:48:21 GMT
server: nginx/1.10.3
date: Sun, 04 Sep 2022 11:48:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 999937926 1002261667, 311640796 309288565
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh5_web3
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 04 Sep 2022 11:48:24 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADmZk7GKSEAAA6zlz5J-g

0
728 B

34ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADmZk7GKSEAAA6zlz5J-g
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AADmZk7GKSEAAA6zlz5J-g
Date: Sun, 04 Sep 2022 11:48:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6489228004284970727

0
833 B

34ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6489228004284970727
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 11:48:22 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c307638b-5cc2-4ce0-8163-2fa1a0f1c1a9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6489228004284970727
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8292620037477096203

0
945 B

34ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8292620037477096203
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8292620037477096203
date: Sun, 04 Sep 2022 11:48:23 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=6b1f6137-3616-45d8-8aab-391da36aaf24

0
1 KB

34ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=6b1f6137-3616-45d8-8aab-391da36aaf24
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=6b1f6137-3616-45d8-8aab-391da36aaf24
date: Sun, 04 Sep 2022 11:48:23 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 1161
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4143778246272599941640

0
1 KB

35ms
34ms

Image
text/plain

34.251.87.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4143778246272599941640
Protocol: H2
Server: 34.251.87.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-87-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4143778246272599941640
date: Sun, 04 Sep 2022 11:48:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 2.21.185.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=12&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5DhgB2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-r9Uxai45ex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-csYy9DU1NqKUTA%3D%3D&sc=1&os=1-mw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&fl=1&j=&xc=0&xb=0&xa=0&md=11&mc=11&lb=10802&ld=1200&lc=1200&la=1200&cw=1600&cx=1200&sh=10802&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1662292096197&de=802892918404&rx=253901059049&cu=1662292096197&m=7316&ar=5aeef158bee-clean&iw=f00003e&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A641%3A1658%3A3493%3A658&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5006&cd=3404&ah=5006&am=3404&xd=00&rf=0&re=0&wb=1&ai=4699&wr=4698&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=1559348062&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 11:48:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 04 Sep 2022 11:48:23 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 1161 0
239 B 75ms
9ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1725 0
47 B 21ms
12ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 11:48:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e377.thestar.com/DG/DEFAULT	1970-01-20 15:20:52	Name: BCSessionID Value: 3c0de16a-7376-4c77-aaf6-8a02bcce16b9
torstar.blueconic.net/DG/DEFAULT	1970-01-20 14:30:28	Name: BCSessionID Value: 3c0de16a-7376-4c77-aaf6-8a02bcce16b9
www.thestar.com/	1970-01-20 14:30:28	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 14:30:28	Name: last_visit_bc Value: 1662292095264
.thestar.com/	1970-01-20 14:30:28	Name: bc_tstgrp Value: 6
.thestar.com/	1970-01-20 14:31:54	Name: _vwo_uuid_v2 Value: D44112DD016876E6D688C960208811CDB\|7540b62b54ffcd0a1370ade1a1f88345
.thestar.com/	1970-01-20 10:05:30	Name: permutive-id Value: 701ee73f-b050-4bf3-bf6e-2cd211b02ea0
.thestar.com/	1970-01-20 08:08:52	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-20 15:20:52	Name: _vwo_uuid Value: D44112DD016876E6D688C960208811CDB
.thestar.com/	1970-01-20 05:44:53	Name: _vwo_sn Value: 0%3A1
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 07:55:54	Name: pxid Value: 05f64a72-4f65-4ac1-8227-7d5fac68035e
.thestar.com/	1970-01-20 07:54:28	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241662292094%3A19.89544149%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
www.thestar.com/	1970-01-20 06:28:04	Name: AccessToken Value: idv2l7n9slyn97m72tkr7b7spkbe16cnp
.t.co/	1970-01-20 15:20:52	Name: muc_ads Value: 0a9c3273-e49d-4a1a-b1a1-811c7df79080
.twitter.com/	1970-01-20 15:20:52	Name: personalization_id Value: "v1_XkbyuCauC3E3DgFXblTslQ=="
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 81844303-12d0-4333-880a-caefa2fec9dd
.thestar.com/	1970-01-20 14:30:28	Name: _ig Value: 6a9b9485-4510-45cb-aec6-4bd9a0075bc6
.google.com/	1970-01-20 10:08:23	Name: NID Value: 511=lg6uB-LdH5Svek9jMuwnyoatucKp69AK5O19kHGekpFkK1WMUZB2WmSR-vNKU74NNpxjhCLgBaa_qjNJm5XOAogKzhcR4eMF6FuoFqKkxwkFCpc6bgDVa9Xkc6LUG36FH9EWw8ZmP00_lSj1Bsz67OrVW9d-yKTMZBYQefoRjHc
.thestar.com/	1970-01-20 05:44:53	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1662292096302%2C%22slts%22:0}
.thestar.com/	1970-01-20 05:46:18	Name: _gid Value: GA1.2.926370253.1662292096
.thestar.com/	1970-01-20 05:44:52	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 05:44:52	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 15:20:52	Name: local_ga_B4CQN4KW3R Value: GS1.1.1662292096.1.0.1662292096.60.0.0
.thestar.com/	1970-01-20 15:20:52	Name: local_ga Value: GA1.1.740898286.1662292096
.thestar.com/	1970-01-20 15:20:52	Name: _ga_6FZFMVVWVN Value: GS1.1.1662292096.1.0.1662292096.60.0.0
.thestar.com/	1970-01-20 15:20:52	Name: _ga Value: GA1.1.740898286.1662292096
www.thestar.com/	1970-01-20 06:28:04	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.thestar.com/	1970-01-20 14:30:28	Name: selectedPersonalizedCategories Value: []
www.thestar.com/	1970-01-20 14:30:28	Name: personalizedListModeEnabled Value: false
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 15:14:16	Name: _parsely_visitor Value: {%22id%22:%22pid=43ba1bd906e568ffa96f03a79e3266c1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1662292096302}
www.thestar.com/	1970-01-20 14:30:28	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
www.thestar.com/	1970-01-20 05:49:11	Name: digitalAccessOverlayStatus Value: nextPage
www.thestar.com/	1970-01-20 05:52:04	Name: digitalAccessOverlaySubscriberStatus Value: nextPage
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1662292096792
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 3c0de16a-7376-4c77-aaf6-8a02bcce16b9
torstar.blueconic.net/	1970-01-20 05:54:56	Name: AWSALBCORS Value: wb/Mr6z6+M0aZjmbGTdkqV8fDlFDCE13ZawIZAHL3ln5KsPpH8wlJeISS03nxGu3P6Qmqs+zLCyp6qchA0NDTNoUHE1ey8C9XP3hhOIcSRrnWtOZDuhVWZta5Zfn
.thestar.com/	1970-01-20 15:06:28	Name: __gads Value: ID=9e0eae38e1ccac2c-228ab63112ce0011:T=1662292096:S=ALNI_Mb1aIF4dQFOdinwODl3YlMbZJV2Fg
.demdex.net/	1970-01-20 10:04:04	Name: demdex Value: 07364879597786424092184627093328757795
.doubleclick.net/	1970-01-20 15:06:28	Name: IDE Value: AHWqTUkB48tbTgkHfDnCXYnWjHO9dwwcUi-4Vp7qTqmL6LB3WFb-MYWSs_S1skiDjpg
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 14:30:28	Name: everest_g_v2 Value: g_surferid~YxSQgQAAAL2ITANx
e377.thestar.com/	1970-01-20 05:54:56	Name: AWSALB Value: 9L8CzUTu92vMVr9AF9sJuqFcjr3Sex6ul5XLTMQgmPLSnyF7oq4/8CJAYJle575AbM82RipDfw0lMcyehLG3pzHFzQ46peMEp1FNk7/KAhdjD+Rxv/xrgAQe5p3S
e377.thestar.com/	1970-01-20 05:54:56	Name: AWSALBCORS Value: 9L8CzUTu92vMVr9AF9sJuqFcjr3Sex6ul5XLTMQgmPLSnyF7oq4/8CJAYJle575AbM82RipDfw0lMcyehLG3pzHFzQ46peMEp1FNk7/KAhdjD+Rxv/xrgAQe5p3S
.doubleclick.net/	1970-01-20 05:44:55	Name: DSID Value: NO_DATA
.dpm.demdex.net/	1970-01-20 10:04:04	Name: dpm Value: 07364879597786424092184627093328757795
.thestar.com/	1970-01-20 15:20:52	Name: s_ecid Value: MCMID%7C07356376588759910112187728713008766505
.thestar.com/	1970-01-20 15:20:52	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19240%7CMCMID%7C07356376588759910112187728713008766505%7CMCAAMLH-1662896897%7C6%7CMCAAMB-1662896897%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1662299298s%7CNONE%7CMCSYNCSOP%7C411-19247%7CMCAID%7CNONE%7CvVersion%7C5.4.0
.thestar.com/	1970-01-20 07:54:28	Name: _rdt_uuid Value: 1662292098445.cfa2ed1e-3ba5-4e3a-a98e-db62d7a11e28
.bing.com/	1970-01-20 15:06:28	Name: MUID Value: 07084A94B5B06BF41F8A5881B43B6A0B
.thestar.com/	1970-01-20 05:46:18	Name: _uetsid Value: 77f154702c4711ed9b07cf706a1def1d
.thestar.com/	1970-01-20 15:06:28	Name: _uetvid Value: 77f196f02c4711ed9662e7505ac098f2
.linkedin.com/	1970-01-20 06:28:04	Name: UserMatchHistory Value: AQKEPS4dm4gQlgAAAYMIVH46S728114cWpFIDyJJaFMkW7df5tazXnbHTqOoGRuGRamnjEINVYHqvQ
.linkedin.com/	1970-01-20 06:28:04	Name: AnalyticsSyncHistory Value: AQKYl9VAtlnFDQAAAYMIVH46aheOtAXEY-G1F7x7jiCtmSQDfx1lWAI-R8PW4309XD7NXj08fUbOPe5Mk9hrbg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:30:28	Name: bcookie Value: "v=2&0b0e8fc2-e111-48fe-8b27-b3b68c0414e7"
.linkedin.com/	1970-01-20 05:46:18	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2716:u=1:x=1:i=1662292098:t=1662378498:v=2:sig=AQGl2w_Un5iSG0rNe81tlyatfIaLlyH8"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:30:28	Name: bscookie Value: "v=1&202209041148186770225b-6af3-4703-81e4-36e693ba8049AQHosG2exuvCKemXEGrdRHwj1lrJDLGW"
.linkedin.com/	1970-01-20 10:04:04	Name: li_gc Value: MTswOzE2NjIyOTIwOTg7MjswMjEfvne+nVtzpTJLZhpTjLX9wfY9qJwYFmaE7o4ehO/7fg==
www.clarity.ms/	1970-01-20 14:30:28	Name: CLID Value: 66f6b0b39cda4bd1a6a17229e7bf008f.20220904.20230904
.c.bing.com/	1970-01-20 15:06:28	Name: SRM_B Value: 07084A94B5B06BF41F8A5881B43B6A0B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:06:28	Name: MUID Value: 07084A94B5B06BF41F8A5881B43B6A0B
.c.clarity.ms/	1970-01-20 05:44:52	Name: ANONCHK Value: 0
.thestar.com/	1970-01-20 14:30:28	Name: _clck Value: 18nic0e\|1\|f4l\|0
.thestar.com/	1970-01-20 05:46:18	Name: _clsk Value: 1kr1gt6\|1662292099825\|1\|0\|e.clarity.ms/collect
.the-ozone-project.com/	1970-01-20 07:54:28	Name: ozone_uid Value: 2EInjKtaQGXdTJ5F80ORzb0Sqir
.smartadserver.com/	1970-01-20 15:15:06	Name: pid Value: 2206665441545970819
.casalemedia.com/	1970-01-20 14:30:28	Name: CMID Value: YxSQhCq01BaeIKRGhdnWdgAA
.casalemedia.com/	1970-01-20 07:54:28	Name: CMPS Value: 5177
.casalemedia.com/	1970-01-20 07:54:28	Name: CMPRO Value: 5177
.casalemedia.com/	1970-01-20 07:54:28	Name: CMTS Value: 1163
.bidswitch.net/	1970-01-20 14:30:28	Name: tuuid Value: ae31332d-abc3-4d5f-8519-807a1b92dd47
.bidswitch.net/	1970-01-20 14:30:28	Name: c Value: 1662292100
.bidswitch.net/	1970-01-20 14:30:28	Name: tuuid_lu Value: 1662292100
.360yield.com/	1970-01-20 07:54:28	Name: tuuid Value: 9cb3f82a-52fb-41d8-9ffd-1df22811f4d3
.360yield.com/	1970-01-20 07:54:28	Name: tuuid_lu Value: 1662292101
.ads.pubmatic.com/	1970-01-20 05:46:18	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 07:54:28	Name: KADUSERCOOKIE Value: 92964E5D-80D0-4F36-BE50-384D54DA8B0B
.pubmatic.com/	1970-01-20 07:54:28	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 05:46:18	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 07:54:28	Name: DPSync3 Value: 1663459200%3A197_219_201%7C1662336000%3A174
.pubmatic.com/	1970-01-20 07:54:28	Name: SyncRTB3 Value: 1663459200%3A21_7_54_3_220_13_161_56_8%7C1663545600%3A35
.adnxs.com/	1970-01-20 07:54:28	Name: uuid2 Value: 6489228004284970727
.quantserve.com/	1970-01-20 07:54:28	Name: d Value: EOUBCwGCJ_ijAA
.quantserve.com/	1970-01-20 15:15:06	Name: mc Value: 63149085-cab01-784c8-80b69
.adform.net/	1970-01-20 06:28:04	Name: C Value: 1
.onaudience.com/	1970-01-20 14:30:28	Name: cookie Value: e7ed60410134c528
.onaudience.com/	1970-01-20 05:46:18	Name: done_redirects161 Value: 1
.de17a.com/	1970-01-20 14:23:16	Name: guid Value: 1.79769047038600253
.adform.net/	1970-01-20 07:11:16	Name: uid Value: 8292620037477096203
.simpli.fi/	1970-01-20 14:31:54	Name: suid Value: 0A1C011BA6CD4A46837D8CCAE601DA99
.onaudience.com/	1970-01-20 05:46:18	Name: done_redirects104 Value: 1
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.onaudience.com/	1970-01-20 05:46:18	Name: done_redirects162 Value: 1
.eyeota.net/	1970-01-20 05:44:52	Name: SERVERID Value: 22177~DM
.mathtag.com/	1970-01-20 15:10:47	Name: uuid Value: 08e06314-9086-4200-87f5-140c36ce2fe3
.bidr.io/	1970-01-20 15:13:25	Name: bito Value: AADmZk7GKSEAAA6zlz5J-g
.bidr.io/	1970-01-20 15:13:25	Name: bitoIsSecure Value: ok
.the-ozone-project.com/	1970-01-20 07:54:28	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiODI5MjYyMDAzNzQ3NzA5NjIwMyIsImV4cGlyZXMiOiIyMDIyLTA5LTE4VDExOjQ4OjIzLjA4ODM5ODg4M1oiLCJzb3VyY2UiOiJjb29raWUifSwiYWRueHMiOnsidWlkIjoiNjQ4OTIyODAwNDI4NDk3MDcyNyIsImV4cGlyZXMiOiIyMDIyLTA5LTE4VDExOjQ4OjIyLjkxOTMwNTM2WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBRG1aazdHS1NFQUFBNnpsejVKLWciLCJleHBpcmVzIjoiMjAyMi0wOS0xOFQxMTo0ODoyMi44Njc4Njk3NjlaIiwic291cmNlIjoiY29va2llIn0sImdyaWQiOnsidWlkIjoiYWUzMTMzMmQtYWJjMy00ZDVmLTg1MTktODA3YTFiOTJkZDQ3IiwiZXhwaXJlcyI6IjIwMjItMDktMThUMTE6NDg6MjAuODc1MjkwNDdaIiwic291cmNlIjoiY29va2llIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6IjljYjNmODJhLTUyZmItNDFkOC05ZmZkLTFkZjIyODExZjRkMyIsImV4cGlyZXMiOiIyMDIyLTA5LTE4VDExOjQ4OjIxLjI1NTc5Nzg0MloiLCJzb3VyY2UiOiJjb29raWUifSwic21hcnQiOnsidWlkIjoiMjIwNjY2NTQ0MTU0NTk3MDgxOSIsImV4cGlyZXMiOiIyMDIyLTA5LTE4VDExOjQ4OjIwLjQxMTM3NTEwNloiLCJzb3VyY2UiOiJjb29raWUifX0sImJkYXkiOiIyMDIyLTA5LTA0VDExOjQ4OjIwLjQxMTM3MjA2M1oifQ==

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 164) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 164) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.05648524064302829(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 182) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 182) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=22514552016? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=22514552016?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://dmx.districtm.io/s/v1/img/s/101995 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6bd9976b7ed28cdc23b1aa30c2de925c.safeframe.googlesyndication.com
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
crb.kargo.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
e.clarity.ms
e377.thestar.com
eb2.3lift.com
elb.the-ozone-project.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
loada.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
misc.thestar.com
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
prebid.the-ozone-project.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.openx.net
s.thestar.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sejs.moatads.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.co
thestar.com
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
uswidgets.fn.sportradar.com
widgets.media.sportradar.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
103.229.205.243
104.18.19.126
104.244.42.131
104.244.42.197
108.138.17.107
108.138.17.25
108.138.2.89
108.138.7.116
13.107.42.14
13.248.245.213
13.32.118.153
13.32.121.17
13.32.121.97
141.94.171.213
142.250.185.194
142.250.186.102
142.250.186.66
15.188.95.229
15.197.193.217
150.136.198.15
151.101.129.140
151.139.128.11
169.50.137.182
178.250.0.163
18.196.120.249
18.198.69.109
18.203.72.119
18.66.100.58
18.66.112.94
18.66.147.50
18.66.23.213
185.64.189.110
185.64.190.78
185.64.190.80
185.86.139.102
185.89.210.46
198.47.127.20
199.232.16.157
2.21.184.200
2.21.185.146
20.234.93.27
20.62.48.180
2001:4860:4802:32::36
213.155.156.184
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:890
2606:4700::6810:7aaf
2606:4700::6812:551
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:27::cafe:1834
2620:1ec:49::44
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c08::9a
2a00:1450:400e:80f::200a
2a02:26f0:10e::6860:5baa
2a02:26f0:f700:4::212:4f10
2a02:26f0:f700:4::212:4f1d
2a02:26f0:f700:4::212:4f23
2a03:2880:f007:8:face:b00c:0:1
2a03:b0c0:3:f0::1bc:5000
2a04:4e42:200::396
3.120.43.214
3.125.70.222
34.107.254.252
34.250.104.41
34.251.87.173
34.96.102.137
35.190.14.224
35.227.252.103
35.241.9.51
37.157.4.25
37.157.4.29
51.104.28.77
52.212.208.199
52.213.150.8
52.222.250.115
52.54.133.158
52.59.173.142
52.59.78.133
52.84.106.80
54.154.221.23
54.155.183.30
54.229.65.185
63.34.81.234
69.173.144.138
72.251.249.9
0130bc9b09a5e5f0976180e8f6f531d5dcc88216af2bbefc6d5c933439903f5a
0181f16e6dd0d3e05fb7e3eaa153ab270716efa2943a52862b8a67ebc9e38abd
01e90c6a7dbb612a7d3212f41dc4b154a8ba29f3763da1ac48cddccfbccbb120
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188
040ea6d7af8105799ba9a554a816159f586aac71c5a67ac8b90cf3670dc7d246
0525dd2088d62450cfe408224197cdab8c33dd6d394e16ed65eaa799fcaa830d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a0502637cfaf9a94bdb41c7d04a5db8f66e66bd75960a91796117bebb14791
07a8b0b9eafb94e4d8fc24b3c32e3597b531d86214e32bf5b4d5545a4e0fd321
08fd71300e29bdc2aa0872114431446a30a42c2088ba8d244218918c33fe16d6
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0e1b478e52cdc1b31ce61b18c70ba1d76ed07070eae1f9fc3a507fe41fce58bf
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
13976acfda323b810d865e513cb2fe92712651dee5764796477f884f5e4162a3
13e3b1b25f435a4269d929a2a134ded6274db3d7056d9a785b5f72dff0bc174b
14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800
16e6211a68edc8551d0179f3c625e9e25fbd7eb5a8bd7aa2c314d4d424b10081
17e6c1055ddc6dc36a23422eef4be4aa11a2a1597e87f8677d67a6d88ac3f648
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f1a91fb91b6bb762fed65ff6285e9422db12b27c0c8ee61ce54076df4a3fc7
1a501c1c65c29ee1db58d11911089a893f41dc79bc9bcd784b2639d8965dda8e
1a8baff084295a25ec768925d4c47582fe2cc593132e61a394090fe890dd4ca1
1b2975b22f4eb0ddf44cb97ca51b0b70941245f7739dd6c0048e4ed21e57a273
1c2cf3c28b4ca6850e001ad4db41d69f195854dd6b76e53be9b79280e2955d37
1c9f5eb566c14c69605fdfd438faafa20d99a5933db3af1856c4e655b8897600
1e56da4973cf8139c9e45438e1f3eac999faf1a172c90410f28c2144548b920c
1e9adc9c68dd132eae2f6c782675472a40b4b4afdc7bbcdacb705ea32a5257a7
20f9ff7d512bd2f9627b944f9c0b30e5cd5ffcc1263abdee1d53eabcca14c0ab
21dc94de8ca20e368666b6c5606943d973571caaeefb3cf1fd3bf0893104864f
2215bb15fea1147a5293db87e8715aba8f272094761c38b7b7e5df4feb4705d0
23b321ec8412a7f5f088ae9c776e4720083084fdbf532e08747585c65dfa37e9
23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64
24c4ef9d117ed41a7b9fe743dc8fe737d6aca292c82d090a6efdbba03f5e6abc
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a8080a3d37c705cf975d6ab8b7a4162d81f5fbb609218067b38238c44b549e
281b0bba9f73ba5fd398270735d8bc0548e9723c99500878911269284bea27e4
281bd54e02d4fec024b01751f3b17dafe0c8c98bac9f5bd45e98bce81b6e011c
2854d460da2fc54844a7ab7d28562a568c4ab184da9e0a2796687d46dd2f8a96
2a335fc9aa6797b6be42069274eb77745c6a0e6ea2919f4c69c68d9f53ea0a74
2a42dcfaa6b31c7c936094fc84779c6441247f57ba168c251379f17519274dfa
2bab4838bdc40d3ce9ae46731062166b1c45ce88d1acdaa4388e9e86dc4a980e
2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2d33d85b41fc74243c3253fdd3c4bc2015aeb2daf961a6ecd36d515cbb6bf583
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0cb7a84bf231beb42be41189676f3af575bcb048e330694a47d71e34c4c306
2fba34e0e39306b20cb77ed10b3104addc0afa08f1d8c32c5f6ebabd27baf6b9
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31591cb3e64ed60a085e3f3b7463f3687b4ab598954434debf83e5c979d4c99e
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3408d4edeee4822928f0578b10d7f8dcc5174ee68daf38c8ab14989de45315be
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
387321d2c82b1a781be8bbd650b0f35e2f18b4daa2c884151e7750b8eab8acd2
3900b7c64161a9beaaf6f4cb42dd70b934f6d405fd97b3a6aed5db8c45f1c4c7
39ee66967679f7a2f2028d997fc5729ade77f8f04cba4c6e33d875b78601213d
3a0d36fe29e2f048934541fd61222d725c6b350e6549a4868d7d0f95158d8f8d
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3b542bc706a41d36ca02e27cc3a6165104c2b7fdc57aa9a23ca63e164495c2c8
3bb22221479628c1faaf6625645be4ee3d901aa9b437d73e4ff7d5afd9ee520b
3bfaaf5a4d2cb74bffc59beed2bdcf3c3c790ebfe696aabbfd18b3fd37fbacd1
3c8f5a28f3850a6c109b5d6819c495834663f93c080a395293b3c7965bca2588
3c96559ea2342f9ba868e360c2b29d1cfabc350de16ba0c4ea4bc389a7b19564
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e44f029288d633086ee3f34b9eca0fa1e8fd916278cee819217cce063c5bad3
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
402e1d3f36ce9e5139c8dc4a88e17a18959c8cd631ca3ad0edaf34710c6cafcd
40a4bef03ad952669a9b9157ab2e93617cd0907aa99487a6096805779920f63b
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
430c4c62992effb25244e4236cc4b25bf3ca53736b3cdd580978d2412783a7a3
43a09ff877437befc4a1e5edef50bb9bf932fe87747b668abea564be93812767
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4542b9d8c313c5e4232bc17332661fe489a19378e2d3c69ae4579dec0a314ddd
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4695b539491b854c3019555c8554981d6ab0d0770cf000e69b0709bf0a9e05d8
488e65dcfb781a5de3625f8ebc0b52e0edc6860105701494417e5eb361f127a7
4921231f07c20c8df43c97b3b1cd1f06d93516f55ee9bc1b9a69ee3712c1efec
495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313
49b912c86e46e2c6765fdc8b867e6865eb213b56dbfd447a494ece7e27debdc3
49d136b8059cead362b283b6c3efbb8c69d19b29728e3d56d94a54557922e6f1
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
49f99bcb097bf1b8fe1e43f5d9ee3bce21cb353b234ee7d893509b0059afc96c
4a491800f46208d25bbe1aac6891312d2a3a311b8029608455663c28813ab71f
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4d1c7cb65dbc93bf67b4dc57ef803c0a97fb874f22d8631456769e8455663da1
4d745e8b5de29c794d781c7dde118aa34cc84377b9d6218fd6368895b97d7a14
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50ea706308e049e1d78063e1b725055dc65ce88d3866b53d29a63b9b1ee8ed9d
51951a731f6bdf55550e36101ae73323a699d3320f85e14d8ba0e02e5e191f6c
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54b77d403d92fca3c840fb5bec18709106f1162a227f062f26d29c976bb90c2a
5513624c3d1f1ee8234d1bf7396931509b80962ae772154abcc0ca83bdfcaab9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e7a733a5100f5c0f1b5de1001f44c8426c84d24c87bae50632fdcbd260d9e0
56f54ab8c2216361b118e584269f065009757ebe14042190cce66e14b4aa6ac3
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5726d68edccd1c8876a7b4c66d3f36334306dc20d826515f362f13100ef612e2
578328e993006e1aadf001d01615ea64480a8ddd296eed1e4e60404528ce3be0
581903b979c49c77fa5ccb3f0d06473eda49f43ff8ed576f34db065d4729518a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b6a18f0de76888d35572a456bf421c0ae31b5bbb4949a4747b704f3e8792c37
5bf5694f1fff20fd00703fe7458294f4fc41cdb819914caaa10221f945213430
5c7739b4313f98e7275dd734a1580c1eae0ab8e70e122748b4aa943f838a7a8b
5d207ae453abd771aa41b682c8257249ba80b6c7c1da16250ef8245876b2733a
5d4ca800aa61299f4261503816bc917550000f3122004e2bc1917fe46a06c948
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
5fc57c1a4616b220797fc99e0bc0bc75c6345e604b99ee588e522fc65622be50
60287a1460bc8b22c0f7bbd3f69b5ab66dbda934ec8d94dfdcc1183a15b9cd30
6054a055f0e053acd7c8dbab52cae1bbb5569aab59bbebadaef65b24bad10c05
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61df68afe8b06249527f0189457292b07c2962e2617b898c13bfafbfd6f1268f
61f33093d24bba823c69475516ffbfa6a8e1fcdb75e8b8fe9a834b451b1dd892
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63b281daa3255bbe447586d28e11338a5f2780954f8a604718f8629226fad551
63d505a5671fcad43585ab2aff21bbd1b4d430b7a4562dd6080234127fdf2929
645676ea1399d174daac15f1c8c5b3ae0c67f823df7f25d7b7ead8c87ea1e7a5
65d8a2e3d2d25075af752893f52a235f7734b234d8c94261ecdaaba679f99127
65ec2f00e5bf9c08f07c1279809473c098de91fc90fbe27295ac9a81785b449f
663679bdd35df75aca06e52a2c8f97b2a580f9640c1f2ca50bc3a385c3dcbb47
667927dbcdb28399c2f52d000f01705a87910e9b4fd8b652dec5f38d3b967b87
6965b063365b7d76270b61387b09479aaab77cc053203bd51df5e2ef02fdc33e
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b433a5ddecbb778a6df4dd59274a52edee392196bb3b818a53a353dcb4a6e16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6e073cf26f3d82f4816a5a6b38801e590a33c4c8ad8044cc9d7ebd37b6eabaae
6e2e1bdc9827ee199b4e244fc97b8451e569b9ec5e38b8b77fa0cbc4c1764dfe
6e8be22f27eae7f18cbe4dc31e273b0892eeaef3c78451a65d5d8a4a87f3aa64
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
6f85038d5f75e407979061a15a7e497b6b81be11a5411ccc6e5aaabfa79eaac2
6fe6bbe04bb7abfff7752c4a026b8166de85eb8ba3617174dcee9a5f84daebde
704dbcc9861900d88715d55a12ee4555fc29a49767261a08b1b9acc30aac744b
723567a8970192d61383b601d5dd9c9f7553951cc55618d03539b4ac7b9c92f2
72a4cec145402e8c18fea0ad0e1c6a28afe1b1459fa48b78d94d6baeb6ecb17d
7379b0327b637898a97bc22a1ea1746947c906147156aa8b549e5428e9705c25
743ccf7c6195413f346cedf25f8572293baf18a87fcb6d0090b74ae4ada25670
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748308bbaa4b669bbec85fbe27c40b7150108e1f03290035a7c5f147010fbe2d
7550f04cb53b002d7d7fd42b5c70684ea11a049953027d11c2ddadec2b847604
758f586db681fe7c927cb285ebb9b01fc438bf7de884afb16a3f9fb5a01bb26c
76ce36e0baa7eebd6238bb9e947d276db680757e40b45efe9aa85e495f4c42b4
77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3
782decc222276b3f0e5b65172075b255dd801eab0e0dc172217a5925948f3fc7
79cb4bf53d4f5d60f769343b73b87950db849193e1a72fd63091d938d85b0005
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d528a309f22004c2a778f660d9ffdb29946e5e09d651c7e92405c0c13f0dd19
7f1e737642103fc85b4df4c2c792f03541a20ff20e22253653d5e577a3ea9c1f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82107a9494aa8b0b6fee15ccbd0de36a13122d34f2e62da157b2577ab7650ec6
824f133794403571fb011fb9936dd0e966ce3e4f37dab05013bf68a8b3954caf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd03f1404dc8925efad4dc603ca021f0ffd8989789fd9c92bd8e8efd566dfe
866a92d987e4e700f5801c3d4c78c1006c666779d7b33c2dd8a0c72abbd5be2e
8a8b117ed693bb8cac90e9a23a055c60eb3af867b3b75fc987f178a74fd28121
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bd93f9ed7e7c12f809df29ddd459ca1ea1e95d92e2b18c94778587a03542cab
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
91911884ef71a41c95e1a3cedd7f5d284ecf8299f4beabb2a02fc646b399ac6b
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
927a35b07d6d31298d26ba231ef01c0007c5f89c70710bde0f25ca54585e89bd
95003ed8f3d2f1943ad394e0315cb7aa33060ae1a8d715799f7529b59345dce4
95467498f20c7a05718bd8b96c4f2eecfc2997ce0296d49a2371339ebc5be381
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4afe1f8594749c9df5e2c5e359dd65f95fcee751af9d3d3437caeaff0046da
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9f402d0f96fa4024deaf63dcbab0bbfbc51921eefd8cd9eea67b54bd393d86bc
9fa668bc91560b5f4ff86183dc8734e151322c54162e6ea1afce3cdc7feddc4b
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a181ccf5f0fc2dae01044934d8e64bd638289afe1299f9d6dc03685685b055b7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2708bda4c13c3e0df7ebcc3fced7e1e47df5d74695d908412cd69abeeb4739f
a3c411b7a7a3c1e8ee1be37d2ee5dd7a133f310b7cca70f095f6cdf8f6a62b77
a462263c8a2fb0f4771b6bb72ee694b4464bdc972335539bdbc9e17e7aa3be8b
a48306e9081077ef3dbd91297bacbe423ed479cbd284fba7e7952ea35a50bb30
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56256abd37201dd165bd8c1f26aecdcc5997a43b2e99c5db802c1c3ffd1c2eb
a5ad7e00d96814f5afdb233d96b593141672a5adf440d6bc3354b8ada323a6cf
a5fea65b08369a50e412677fa378552b11cc62715f2059a726c5e714e300f294
a61109cc1eaec8a777a18f35512493fbd26868e251f651f859edad96fe1def68
a63dab84d0bc5b01bb84a251046a59913915f39fda63762763ede363734ae385
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abd5e6d169cc4392bbdf93e9122bda009e6be08e12b963285103ea308c3603ef
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acbe017db1419b4aba9729d71cf625f62901ed8ca6a1f8c2a269d5d6bbe09330
ad14263f0802e2cac15658631058a22614641a804bd07a1cc9d10e116678512e
adf4a7ef4e7dedcbcacd0dba7dd2cdff51f09f6add450cbe42936bdbd8591b2d
aeb3d7af2fd0bee15508ecd43a60a084984c793cbdad4f11ea1dd56b05c32b11
aee15f0614398dfe537cb2f284df655ec7b650698375faff9420a6b57c32a159
af9aacdd720170787a55f7afad50e7226ff58940b10341214eb787346d097737
afd090eea822669ff19992b4a366b167a6077bf8c052fc6cfa0df8a7223b1821
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b0cdddbfd12f54aebc9dffbe56d608ee9c7206a7681608df12fa748c5503424f
b0f48248595404b2d99b0bb45bc8061316a3647131cade9bb10eaddc86276209
b2583e40473328ed25875cf3c9524ead407038e175d95711b6191747fca019b7
b2837bdc24f1b153483fbf450da8a713f8f214c628978713f6706a2a73d38b1f
b3892cb532fac8548332664edea788199d24c87dd08eb11faae0a114e1997533
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b45bf0e9f8e3baa36246b21102fa37e44fcb176237a42d788ffe44008d542a93
b4cb8f7415bc55687aa54f93449c4257d0f6f72ac321ad7936f5d234d0451fc8
b5425fef4de3efe663b669fedc49222d899957394803442eea536408e7016ddc
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6822bed641569c43bfec8b8dfe6eb85331f92dbb03f6961696d0b76045d17c8
b7390c143fb117e2e8ba657c53c338b8901d466c14b6ade0a136d70ed046a6ea
b88c0e7d5f60f391a48a488f106b3c2c3331305f793f79b3f77ea83543d2a680
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f
ba96b7a78b3a0e542f2fc244a5f3faa5569c2f5fca694edd704e687c70618dd5
bbe7f72aa2b2a720f2b5ce1fea54abb1aaf934c262e5bef4649d3a79952e5ab6
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bcb0d0f41e1a65c68d4f188ef9b0d0889a685404295db5fe6701dca244d96028
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
be8683d0fa45438975b0440a9f3dc246d5d4ae1050872eb96b58222645aae05c
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
bf2533b1a5b6c3ca6c30d82d4b5c65f31ecaaa1648c8205bce974a7a942d997c
c09192d027335014bed830fa6edd4b552a0e86914cfc99187957e08f9c5870a3
c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a
c7b7cbf807bcbd020d4ebba054177b65e53a0352a18df90d4dbafe3d0572017e
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c8933b2a983b476d3d98650c2f6e4027b6be6de298ed5fadc8420658a972d29d
c938700b88d45c96b5f526a373fd6b50e89c60dd4fd10aa8c0f4ea32385a4c1c
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
cdc0009cd383f3a732ebdfa39454207282f850afb963725e7952634cb261e25b
ce717c1171b1eed98275b243c6cd4b13366caffa375dc0fbba4e4f4de03993f8
ce77f5d01c98082766c207c37cebca004ec1f988394cdc69aa4d052fd6f87c64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1022afca9b12e87328bb0653b0522c7fea801fef4a5cce22e849e0fcd15212b
d29e4b4177ec95b9c5b9a5847159dc5593ae49f7a4d182f6b9c47ba5c6f9f0cd
d2ad04cc0b0849cdaa64d3357cddccb18da4a39fd1c61db0ff12489c82c9675e
d352a791f88d9f0161c01a5f09c8e20312b854ba248f49146dee582f604f6964
d44118dd75bd02616e1591bb1575629e0c19e90626ce017ffbc9ffde8c36d050
d5c524a5b826288140ca0d15f9e08571c024db9e65bc2ae25c1667d8117b6592
d5cbbeb4972b3717ac08103b4ad7902368d349c0aa0523882bd1524cb7c58185
d606f5c6d91571453fe46555ca16c70b14d0aacdc20d4ba3d9456336512f0721
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
da28bf2e84f3c665cdc032009284db31ef760cc2af92d663d74f698ed03aaf30
dc8e2cdc99776090ce7cc24ff50e15a8317cc76b66b2a887c302013dca735aa4
dcd2f3dfe198ba8123b9492c6c744b5a9b2242b77245b44b9e7b4d71a6f5daf2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de520bb7e656229af49598b2be71d59d04d5a75ce155df764bce18ba6a5ef1aa
e01661597829485f9c7de7f8fb27c0d9002652119af7fca21b9e75221283c2ea
e103dff15f2122dfc90f33ad66d6a139f0d6c0e451673775ca6f26ef735f2d00
e1b03cb841dd8bff70b44087173de3d9c9218bf79ab815e213fec2050818f39a
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e357676c07631dfb0599a7b98a39d8465cccabcbf00c6dddf5708153a2f6113e
e36589874626401fa1c03db70c8e6355924aeeda7289fc0feb243d03a021ce7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5918c53d70bf9f21e1f5243c5b6e9d9dee3ac3546ea2fef323488b3017e50
e492052af049ff5961dc391a36a551fa3a6dabd87a5b17999577c8e72529b136
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
eb84db4c2565186cef80088d20398ca44929cf3850d26531a6aa458f83a335de
eb8fd1a6d0d496913054002db2daa057789fe5b480706d6b3a59901fad564c86
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec3972e5b1d22016afd301c0194f97ebdcab27102ec7ff5468d2c0ec17580cf7
ec74eead4a8c63b7575dd8df05d188d14bb00a8d6d170acfb289bd92955de981
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee54d346df7760519967663a4eb6f626f188d75dfe237ccfd92f6048d41cba1d
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
eea295f2f83e5d861b13d33b5e627d28f4e0f8fb93e568016da20179af00ba16
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f3518016507a066cb22078bf8c16c8e589b9c55bf839e1cb113f17ada8ced939
f36eefad1b9a90aaa5d1c77f35aaa6b6275b7f7d179274bfd7de0e0463eaf205
f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170
f444c368e1ae645a93527a7d863b399cab816de3d41baf74f1d2929360f3a6c2
f445f009a57be3c4eae6c66e4f50a78666caa7e48b71988585b021299aabf688
f44feee7742dd48bdbc857e88776794226551c910e6ce72308d12b73a55e8e9a
f6e604803e7caf1d840778dad7d901e3127c52e197ff9da8b4f96ebd5a61f18f
f966a1dbaef12876a7a3e809b4a14d7c22728cdec92611b45c3b315bc0f670ae
fc05ec05778cbf55f319c58dde43bca6e0eb176f610003865a7ce7d080330a94
fc3dbc5eef2a36dc41affc8c3cee6289f1435977b73d0daba295a85344bccff2
fd3c9891d6a9da85f11b09c905b4ba1717b94d0df35e3826db98eb2c56268836
fd9a291245240c2834419887caed3639c771d8f8554c9efe89f2c5f5942dec10
fe45511fd826d5d3d762d46287466e4f76ae0f22a15fe511e0d27f5404b21d25
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40

www.thestar.com Open in urlscan Pro 108.138.17.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

413 Requests

93 %HTTPS

33 %IPv6

70 Domains

112 Subdomains

84 IPs

12 Countries

6399 kBTransfer

23202 kBSize

103 Cookies

18 Outgoing links

Page URL History

Redirected requests

413 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
108.138.17.25 Public Scan

Screenshot
Live screenshot

Full Image

413
Requests

93 %
HTTPS

33 %
IPv6

70
Domains

112
Subdomains

84
IPs

12
Countries

6399 kB
Transfer

23202 kB
Size

103
Cookies

413 HTTP transactions
4 data transactions